Ukrainian cyber defenders report that fast-acting Russian military intelligence hackers have been targeting government agencies as well as organizations in Poland using backdoor malware tied to phishing lures based on a fake letter from the Ukrainian deputy prime minister. The Computer Emergency Response Team of Ukraine on Thursday detailed a spear-phishing campaign that it has…

McAfee Mobile Research Team discovered a new Android backdoor dubbed Xamalicious that can take full control of the device and perform fraudulent actions. The malware has been implemented with Xamarin, an open-source framework that allows building Android and iOS apps with .NET and C#. Xamalicious relies on social engineering to gain accessibility privileges, then it…

A Russian man accused by the United States of trafficking in a hacked database of online credentials will apparently evade American courts after the Russian government said it had succeeded in extraditing him. Russian prosecutors said authorities in Kazakhstan will transfer the man, Nikita Kislitsin, to face charges related to an October 2022 hacking incident…

Active since early 2023, the malware initially targeted mobile banking applications in Australia and Poland, but has since expanded its reach to the UK and Italy. When initially uncovered, ThreatFabric explains, Chameleon used multiple loggers, had limited malicious functionality, and contained various unused commands, suggesting that it was still under development. Employing a proxy feature…

The company said the new equity round was led by L2 Point Management and brings the total raised to $70 million. SimSpace is marketing a so-called “Cyber Force Platform” that provides technology for organizations to stand up pre-defined or customized cyber range simulations that are secure and scalable “SimSpace’s internal threat intelligence teams and partners,…

The new AI Safety Initiative has attracted participation from tech heavyweights Microsoft, Amazon and Google OpenAI and Anthropic and plans to work on tools, templates and data for deploying AI/LLM technology in a safe, ethical and compliant manner. “The AI Safety Initiative is actively developing practical safeguards for today’s generative AI, structured in a way…

Toyota Financial Services (TFS) is warning customers it has suffered a data breach that exposed sensitive personal and financial data. “Due to an attack on the systems, unauthorized persons gained access to personal data. Affected customers have now been informed. Toyota Kreditbank’s systems have been gradually restarted since December 1st.” reads a statement published by…

The soaring costs of recovering from a security incident or data breach is driving interest in cyber insurance. While cyber insurance is typically viewed as a product mainly for large organizations seeking coverage and protection against state-sponsored attackers, criminals, and politically motivated hackers, it is also valuable to small and midsized companies and independent contractors….