Application Security

Application Security

Issued by: Security Week

Building on previous research, white papers, and other projects from Adobe’s Security Intelligence Team, OSAS out-of-the-box allows researchers to experiment with datasets, control data processing and feature combining, and help identify a solution for detecting security threats. The new open-source project tackles the issue of data sparsity, which may appear when using machine learning (ML)…

Application Security, Cloud Security, Network Security

Issued by: Security Week

Several cybersecurity-related acquisitions and mergers were announced in the week of April 19-25, 2021. Altron acquires Lawtrust South Africa-based technology solutions provider Altron has acquired Lawtrust, which provides digital trust and cybersecurity solutions, for ZAR 245 million (USD 17 million). Lawtrust, which is also based in South Africa, will help Altron expand its security offerings….

Application Security

Issued by: Security Week

Last Thursday (April 15th), Rosenworcel made a statement on future priorities by reestablishing the Communications, Security, Reliability, and Interoperability Council (CSRIC) with a focus on 5g networks and software and cloud services vulnerabilities. “I am committed to working with our federal partners and the private sector to increase the security and resiliency of our nation’s…

Application Security

Issued by: Security Week

The new iOS 14.4.2 was released on Friday with yet another band-aid for Apple’s flagship iOS platform and the company said it was “aware of reports that an exploit for this issue exists in the wild.” As is customary, the company did not provide any additional details on the in-the-wild attacks. A brief advisory describes…

Application Security

Issued by: Dark Reading

Researchers at Check Point recently discovered that the operator of a malware tool that breaks into mobile users’ financial accounts was employing a novel new method to sneak its malware into Google’s official Android Play mobile app store. The method involved using Google’s own Firebase platform for command-and-control (C2) communications and using GitHub as a…

Application Security, Network Security

Issued by: Dark Reading

Organizations that want to stay ahead of cybercriminals will find that going beyond user trust and device trust is critical for oThe invention of the term “zero trust” is generally credited to former Forrester analyst John Kindervag more than a decade ago. Although it’s not new, the concept has received renewed interest and market traction…

Application Security, Vulnerabilities

Issued by: Help Net Security

Bugs in several messaging/video chat mobile apps allowed attackers to spy on targeted users’s surroundings. The vulnerabilities – in Signal, Google Duo, Facebook Messenger, JioChat, and Mocha – could be triggered by simply placing a call to the target’s device – no other action was needed. Searching for bugs in video chat apps In early…

Application Security

Issued by: Security Week

The automated scam service has been named Classiscam by Group-IB and it’s meant to help cybercriminals steal money and payment data from unsuspecting victims, through the use of fake pages mimicking those of legitimate classifieds, marketplaces and delivery services. The Classiscam scheme is powered by Telegram chatbots, which generate a complete phishing kit, including courier…

Application Security

Issued by: Security Week

Facebook Takes Legal Action Against Data Scrapers

In a lawsuit filed in Portugal, Facebook Inc. and Facebook Ireland seek permanent injunction against the two for violation of the social media platform’s terms of service and Portugal’s Database Protection Law. The social media giant says that the two created browser extensions that they made available for download through the Chrome Web Store. The…