€5.5 million fine imposed on WhatsApp for data protection violations
On Thursday, Ireland’s Data Protection Commission (DPC) fined Meta’s WhatsApp a new €5.5 million for violating data protection laws when processing users’ personal data. As a result of the ruling, the platform’s Terms of Service have been updated, requiring users to agree to the new terms in preparation for the General Data Protection Regulation (GDPR) […]
Android devices are being exploited by hackers with RATs
The threat actor behind the BlackRock and ERMAC Android banking trojans has unleashed yet another malware for rent called Hook that introduces new capabilities to access files stored on the devices and create a remote interactive session. ThreatFabric, in a report, characterized Hook as a novel ERMAC fork that’s advertised for sale for $7,000 per […]
Warning: Tainted VPNs are Distributing EyeSpy Monitoring Software
A compromised VPN installer is used to distribute surveillance software called EyeSpy as part of a malware campaign launched in May 2022. It uses “SecondEye’s component (a legitimate surveillance application) to spy on users of Iran-based VPN service, 20Speed VPN, via trojanized installers,” said Bitdefender in its analysis. The US Romanian cybersecurity firm added that […]
Permissions matter for SaaS Security – Why?
Earlier this year, attackers compromised Mailchimp, a popular SaaS email marketing platform. We examined over 300 Mailchimp customer accounts and exported audience data from 102 of them. The compromise was preceded by a successful phishing attempt that launched a malicious attack against an end-user of a Mailchimp customer. Three months later, Mailchimp suffered another attack. […]
Facebook pays $725 million to settle lawsuit over Cambridge Analytica data breach
Meta Platforms, the parent company of Facebook, Instagram, and WhatsApp, has agreed to pay $725 million to settle a lengthy class-action lawsuit filed in 2018. application used by Cambridge Analytica to access users’ personal information without consent for political advertising purposes. The proposed settlement, first reported by Reuters last week, is the latest penalty the […]
Over 829 million cyberattacks blocked in Q4
In the fourth quarter (Q4) of 2022, over 829 million cyberattacks were blocked globally, including 59% of Indian websites. According to application security firm Industace, the report said there was a sharp increase in the intensity and frequency of DDoS and bot attacks in 2004 compared to the third quarter. “During the quarter, we saw […]
BrasDex is a new Android malware from Casbaneiro Actors
A new Android malware called BrasDex was exposed to users in Brazil as part of a multi-platform campaign. The malware targets a series of Brazilian applications and high-performance Automated Transfer System (ATS) engines in an ongoing multi-platform campaign. Diving into Details BrasDex, a trojan for Android, was developed by the attackers who created the Casbaneiro […]
85% of attacks now use encrypted channels
According to Zscaler, malware continues to be the biggest threat to individuals and businesses across nine key industries, with manufacturing, education, and healthcare being the most common targets. Encryption attacks remain a serious problem for countries around the world, with the United States, India and Japan seeing the largest increases in attacks in 12 years. […]
What developers need to deal with common vulnerabilities
Today’s threat landscape is constantly changing, and now more than ever, organizations and businesses across all industries have an urgent need to consistently produce and maintain secure software. While certain verticals – such as the financial sector – have been subject to regulatory and compliance requirements for some time, we are seeing increased attention towards […]
24% of Technology applications contain high-risk security vulnerabilities
With a higher percentage of applications arguably processed than other industries, technology companies can benefit from implementing improved secure coding training and practices for their development teams. In fact, Veracode revealed that 24% of applications in the technology sector contain vulnerabilities considered high-risk. “Expanding software security intuition by providing developers with hands-on experience of what […]