A European Parliament committee investigating the abuse of commercial spyware tools such as Pegasus recommended a slew of new regulatory safeguards but dropped a preliminary call for a moratorium. In place of a continental pause on European Union member governments’ deployment of spyware that can surreptitiously infect smartphones to record the location, telephone calls and…
The security of hundreds of Micro-Star International products is at risk due to hackers leaking private code signing keys stolen during a data breach last month. The Money Message ransomware group began leaking stolen data last Thursday after “no agreement” was reached with the Taiwanese PC vendor, the group said on its data leak site….
Researchers found Android malware masquerading as a legitimate application available and downloaded over 620,000 times from the Google Play store. The apps have been active since 2022, posing as legitimate photo-editing apps, camera editors and smartphone wallpaper packs. Researchers found 11 legitimate applications infected with the malware, dubbed Fleckpe by Kaspersky, which have been since…
When Russia launched its all-out war against Ukraine in February 2022, many cybersecurity watchers feared ransomware groups would serve as a proxy force. But Moscow doesn’t appear to have deputized cybercrime-driven crypto-locking malware brigades. So said participants in a panel held Friday by the Institute for Security and Technology on the ransomware implications of the…
Google has added a new certification program aimed at training a new generation of cybersecurity professionals under its existing Google Career Certificates initiative. Google estimates there are currently more than 750,000 open cybersecurity jobs in the US alone, while meanwhile the rate of cyberattacks increased 38% globally. The new Google Cybersecurity Certificate program will offer…
The Superior Court of New Jersey Appellate Division has ruled in favor of Merck in its $1.4 billion claim against the insurance industry for denying payment for damages caused by the 2017 NotPetya cyberattack. Merck did not have separate cyber insurance, and instead relied on the ‘all risks’ element of its property insurance. According to…
Apple rolled out the first of its kind Rapid Security Response update — quick fixes automatically installed on iPhones, iPads, and iMacs in-between software updates. On May 1, devices with default settings were updated with iOS 16.4.1, iPadOS 16.4.1, or macOS Ventura 13.3.1, according to the company’s notice to users, which contained few details. Rapid…
T-Mobile suffered the second data breach of 2023, threat actors had access to the personal information of hundreds of customers starting in late February 2023. The security breach impacted a limited number of customers, only 836 individuals. The carrier states that personal financial account information and call records were not affected by the security breach….
Expert instructors from the SANS Institute here yesterday detailed what they cite as the most dangerous forms of cyberattacks for 2023. Some of the key themes bubbling to the surface included the intersection of AI with attack patterns and the ways that attackers are taking advantage of highly flexible development environments. “This is my favorite…
Iranian hackers are deploying an updated backdoor apparently targeting Israeli academic researchers with an interest in Iraq. Researchers at Check Point Security said a group they have dubbed “Educated Manticore” is sending the Iraq-themed bait in order to coax users into initiating a new and improved infection chain that ends with deployment of an implant…
PEGA Committee Calls for Limits on Commercial Spyware
