Telegram Agrees to Share User Data With Authorities for Criminal Investigations

In a major policy reversal, the popular messaging app Telegram has announced it will give users IP addresses and phone numbers to authorities in response to valid legal requests in an attempt to rein in criminal activity on the platform. Weve made it clear that the IP addresses and phone numbers

Boston Dynamics partners with Assa Abloy to let the dogs in

Telegram will now hand over your phone number and IP if youre a criminal suspect

Microsofts largest ever security transformation detailed in new report

THN Cybersecurity Recap Last Weeks Top Threats and Trends September 16-22

Hold on tight, folks, because last weeks cybersecurity landscape was a rollercoaster! We witnessed everything from North Korean hackers dangling dream jobs to expose a new malware, to a surprising twist in the Apple vs. NSO Group saga. Even the seemingly mundane world of domain names and cloud configurations had

Why Never Expire Passwords Can Be a Risky Decision

Password resets can be frustrating for end users. Nobody likes being interrupted by the ‘time to change your password’ notification – and they like it even less when the new passwords they create are rejected by their organization’s password policy. IT teams share the pain, with resetting passwords via service

Critical Flaw in Microchip ASF Exposes IoT Devices to Remote Code Execution Risk

A critical security flaw has been disclosed in the Microchip Advanced Software Framework (ASF) that, if successfully exploited, could lead to remote code execution. The vulnerability, tracked as CVE-2024-7490, carries a CVSS score of 9.5 out of a maximum of 10.0. It has been described as a stack-based overflow vulnerability in

Discord Introduces DAVE Protocol for End-to-End Encryption in Audio and Video Calls

Popular social messaging platform Discord has announced that its rolling out a new custom end-to-end encrypted (E2EE) protocol to secure audio and video calls. The protocol has been dubbed DAVE, short for Discords audio and video end-to-end encryption (E2EE A/V). As part of the change introduced last week, voice and video in

New PondRAT Malware Hidden in Python Packages Targets Software Developers

Threat actors with ties to North Korea have been observed using poisoned Python packages as a way to deliver a new malware called PondRAT as part of an ongoing campaign. PondRAT, according to new findings from Palo Alto Networks Unit 42, is assessed to be a lighter version of POOLRAT (aka

Chinese Hackers Exploit GeoServer Flaw to Target APAC Nations with EAGLEDOOR Malware

A suspected advanced persistent threat (APT) originating from China targeted a government organization in Taiwan, and possibly other countries in the Asia-Pacific (APAC) region, by exploiting a recently patched critical security flaw impacting OSGeo GeoServer GeoTools. The intrusion activity, which was detected by Trend Micro in July 2024, has been attributed

Hacktivist Group Twelve Targets Russian Entities with Destructive Cyber Attacks

A hacktivist group known as Twelve has been observed using an arsenal of publicly available tools to conduct destructive cyber attacks against Russian targets. Rather than demand a ransom for decrypting data, Twelve prefers to encrypt victims data and then destroy their infrastructure with a wiper to prevent recovery, Kaspersky said

LinkedIn Halts AI Data Processing in UK Amid Privacy Concerns Raised by ICO

The U.K. Information Commissioners Office (ICO) has confirmed that professional social networking platform LinkedIn has suspended processing users data in the country to train its artificial intelligence (AI) models. We are pleased that LinkedIn has reflected on the concerns we raised about its approach to training generative AI models with information

Ukraine Bans Telegram Use for Government and Military Personnel

Ukraine has restricted the use of the Telegram messaging app by government officials, military personnel, and other defense and critical infrastructure workers, citing national security concerns. The ban was announced by the National Coordination Centre for Cybersecurity (NCCC) in a post shared on Facebook. I have always advocated and advocate for freedom

Researcher reveals catastrophic security flaw in the Arc browser

Europol Shuts Down iServer Phishing Scheme and Ghost Cybercrime Chat Platform

Law enforcement authorities have announced the takedown of an international criminal network that leveraged a phishing platform to unlock stolen or lost mobile phones. The phishing-as-a-service (PhaaS) platform, called iServer, is estimated to have claimed more than 483,000 victims globally, led by Chile (77,000), Colombia (70,000), Ecuador (42,000), Peru (41,500), Spain

Passwordless AND Keyless The Future of Privileged Access Management

In IT environments, some secrets are managed well and some fly under the radar. Here’s a quick checklist of what kinds of secrets companies typically manage, including one type they should manage Passwords [x] TLS certificates [x] Accounts [x] SSH keys ??? The secrets listed above are typically secured with privileged access management (PAM) solutions

Iranian APT UNC1860 Linked to MOIS Facilitates Cyber Intrusions in Middle East

An Iranian advanced persistent threat (APT) threat actor likely affiliated with the Ministry of Intelligence and Security (MOIS) is now acting as an initial access facilitator that provides remote access to target networks. Google-owned Mandiant is tracking the activity cluster under the moniker UNC1860, which it said shares similarities with intrusion

Chrome Users Can Now Sync Passkeys Across Devices with New Google PIN Feature

Google on Thursday unveiled a Password Manager PIN to let Chrome web users sync their passkeys across Windows, macOS, Linux, ChromeOS, and Android devices. This PIN adds an additional layer of security to ensure your passkeys are end-to-end encrypted and cant be accessed by anyone, not even Google, Chrome product manager

Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks

Ivanti has revealed that a critical security flaw impacting Cloud Service Appliance (CSA) has come under active exploitation in the wild. The new vulnerability, assigned the CVE identifier CVE-2024-8963, carries a CVSS score of 9.4 out of a maximum of 10.0. It was incidentally addressed by the company as part of

Californians can now add their drivers licenses to Apple Wallet

Wherever Theres Ransomware Theres Service Account Compromise Are You Protected

Until just a couple of years ago, only a handful of IAM pros knew what service accounts are. In the last years, these silent Non-Human-Identities (NHI) accounts have become one of the most targeted and compromised attack surfaces. Assessments report that compromised service accounts play a key role in lateral

Googles passkey syncing makes it easier to move on from passwords

Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms

Threat actors have been observed targeting the construction sector by infiltrating the FOUNDATION Accounting Software, according to new findings from Huntress. Attackers have been observed brute-forcing the software at scale, and gaining access simply by using the product’s default credentials, the cybersecurity company said. Targets of the emerging threat include plumbing, HVAC

New Brazilian-Linked SambaSpy Malware Targets Italian Users via Phishing Emails

A previously undocumented malware called SambaSpy is exclusively targeting users in Italy via a phishing campaign orchestrated by a suspected Brazilian Portuguese-speaking threat actor. Threat actors usually try to cast a wide net to maximize their profits, but these attackers are focused on just one country, Kaspersky said in a new

New TeamTNT Cryptojacking Campaign Targets CentOS Servers with Rootkit

The cryptojacking operation known as TeamTNT has likely resurfaced as part of a new campaign targeting Virtual Private Server (VPS) infrastructures based on the CentOS operating system. The initial access was accomplished via a Secure Shell (SSH) brute force attack on the victims assets, during which the threat actor uploaded a

Exploding pagers kill nine and injure thousands in an attack on Hezbollah