Tag: mobile
-
Cybersecurity Snapshot: CISA Hands Down Cloud Security Directive, While Threat from North Korean IT Workers Gets the Spotlight
by
in SecurityNews
Tags: access, ai, authentication, best-practice, business, china, cisa, cisco, cloud, computer, control, cyber, cybersecurity, data, data-breach, email, extortion, finance, framework, fraud, google, government, guide, hacker, identity, incident, incident response, infrastructure, intelligence, international, Internet, jobs, korea, kubernetes, law, lessons-learned, linux, login, malicious, microsoft, mobile, monitoring, network, north-korea, office, password, regulation, risk, risk-management, russia, service, software, tactics, technology, threat, tool, updateCheck out the new cloud security requirements for federal agencies. Plus, beware of North Korean government operatives posing as remote IT pros. Also, learn how water plants can protect their HMIs against cyberattacks. And get the latest on the U.S. cyber incident response framework; the CIS Benchmarks; and local and state governments’ cyber challenges. Dive…
-
Russia fires its biggest cyberweapon against Ukraine
by
in SecurityNews
Tags: access, attack, breach, cisa, communications, country, cyber, cyberattack, defense, email, governance, government, group, incident response, infrastructure, intelligence, microsoft, mitigation, mobile, risk, russia, service, strategy, threat, ukraine, vulnerability, warfareUkraine has faced one of the most severe cyberattacks in recent history, targeting its state registries and temporarily disrupting access to critical government records.Ukrainian Deputy Prime Minister Olga Stefanishyna attributed the attack to Russian operatives, describing it as an attempt to destabilize the country’s vital digital infrastructure amid the ongoing war.”It’s already clear that the…
-
Die 10 besten APITools
by
in SecurityNews
Tags: ai, api, application-security, cloud, computing, credentials, cyberattack, data, ddos, docker, github, hacker, hacking, infrastructure, injection, mobile, open-source, programming, risk, service, software, sql, tool, vulnerability, wafMithilfe von APIs können verschiedene Software-Komponenten und -Ressourcen miteinander interagieren. Foto: eamesBot shutterstock.comAnwendungsprogrammierschnittstellen (Application Programming Interfaces, APIs) sind zu einem wichtigen Bestandteil von Netzwerken, Programmen, Anwendungen, Geräten und fast allen anderen Bereichen der Computerlandschaft geworden. Dies gilt insbesondere für das Cloud Computing und das Mobile Computing. Beides könnte in der derzeitigen Form nicht existieren, wenn…
-
CISA mobile security advice gets personal in wake of telecom intrusions
by
in SecurityNewsThe agency’s recommendations are not for the technically inept. Yet the extraordinary measures, including the;use of encrypted apps,;are applicable to all audiences. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-mobile-security-advice/736048/
-
CISA Releases Mobile Security Guidance After Chinese Telecom Hacking
by
in SecurityNewsIn light of recent Chinese hacking into US telecom infrastructure, CISA has released guidance on protecting mobile communications. The post CISA Releases Mobile Security Guidance After Chinese Telecom Hacking appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/cisa-releases-mobile-security-guidance-after-chinese-telecom-hacking/
-
CISA issues mobile security guidance following China hacks
by
in SecurityNewsFollowing the Salt Typhoon attacks, CISA offers advice to ‘highly targeted’ individuals, such as using end-to-end encryption and moving away from purely SMS-based MFA. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366617459/CISA-issues-mobile-security-guidance-following-China-hacks
-
US government urges high-ranking officials to lock down mobile devices following telecom breaches
by
in SecurityNewsThe move to urge Americans to use end-to-end encrypted apps comes as China-backed gangs are hacking into phone and internet giants. First seen on techcrunch.com Jump to article: techcrunch.com/2024/12/19/us-government-urges-high-ranking-officials-to-lock-down-mobile-devices-following-telecom-breaches/
-
New Mobile Phishing Targets Executives with Fake DocuSign Links
by
in SecurityNewsCybercriminals are using advanced techniques to target executives with mobile-specific phishing attacks. First seen on hackread.com Jump to article: hackread.com/mobile-phishing-executives-fake-docusign-links/
-
IAM Predictions for 2025: Identity as the Linchpin of Business Resilience
by
in SecurityNews
Tags: access, ai, apple, attack, authentication, banking, breach, business, cloud, compliance, corporate, credentials, crime, data, deep-fake, detection, finance, iam, identity, malicious, microsoft, mobile, office, passkey, password, privacy, regulation, resilience, risk, service, supply-chain, theft, threat, tool, vulnerabilityIAM Predictions for 2025: Identity as the Linchpin of Business Resilience madhav Thu, 12/19/2024 – 05:33 As we look toward 2025, the lessons of 2024 serve as a stark reminder of the rapidly evolving identity and access management (IAM) landscape. The numbers tell the story: The latest Identity Theft Resource Center report indicates that consumers…
-
UAC-0125 Abuses Cloudflare Workers to Distribute Malware Disguised as Army+ App
The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed that a threat actor it tracks as UAC-0125 is leveraging Cloudflare Workers service to trick military personnel in the country into downloading malware disguised as Army+, a mobile app that was introduced by the Ministry of Defence back in August 2024 in an effort to…
-
CISA Released Secure Mobile Communication Best Practices 2025
by
in SecurityNews
Tags: best-practice, china, cisa, communications, cyber, cybersecurity, espionage, infrastructure, malicious, mobile, threatThe Cybersecurity and Infrastructure Security Agency (CISA) has released new best practice guidance to safeguard mobile communications amid rising concerns over cyber espionage activities linked to People’s Republic of China (PRC)-affiliated threat actors. These malicious actors have been targeting commercial telecommunications infrastructure to intercept call records and compromise the private communications of highly targeted individuals,…
-
US CISA Endorses Encrypted Apps Amid Chinese Telecom Hack
by
in SecurityNewsCISA Recommends Strict Mobile Security Measures Following Salt Typhoon Telecom Hack. The Cybersecurity and Infrastructure Security Agency’s latest guidance calls on top U.S. political and government officials to adopt stricter mobile security measures in response to the Salt Typhoon hacking campaign, a Chinese espionage effort that has infiltrated major telecom systems. First seen on govinfosecurity.com…
-
Mobile Spear Phishing Targets Executive Teams
by
in SecurityNewsOver the past few months, enterprises have observed a pattern of sophisticated spearphishing attempts targeting their executives, with some specifically targeting their mobile devices. Our blog shares the details. First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/12/mobile-spear-phishing-targets-executive-teams/
-
CISA urges senior government officials to lock down mobile devices amid ongoing Salt Typhoon breach
by
in SecurityNewsA 5-page advisory provided troves of guidance for both Apple and Android users, urging all “highly targeted individuals” to rely on the “consistent use of end-to-end encryption.”]]> First seen on therecord.media Jump to article: therecord.media/cisa-urges-senior-officials-to-lock-down-devices-salt-typhoon
-
CISA pushes guide for high-value targets to secure mobile devices
by
in SecurityNewsThe guide comes as the government continues to deal with the fallout of the Salt Typhoon hack. First seen on cyberscoop.com Jump to article: cyberscoop.com/cisa-mobile-security-best-practices-salt-typhoon/
-
DEF CON 32 Leveraging Private APNs For Mobile Network Traffic Analysis
by
in SecurityNewsAuthor/Presenter: Aapo Oksman Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/12/def-con-32-leveraging-private-apns-for-mobile-network-traffic-analysis/
-
Blackberry sells Cylance to Arctic Wolf for $160M
by
in SecurityNews
Tags: mobileAfter exiting the mobile device market, Blackberry acquired Cylance for $1.4 billion in 2018 in an effort to expand its presence in enterprise security. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366617309/Blackberry-sells-Cylance-to-Arctic-Wolf-for-160M
-
Amnesty Accuses Serbia of Tracking Journalists and Activists with Spyware
by
in SecurityNewsThe Serbian authorities have been using advanced mobile forensics products made by Israeli firm Cellebrite to extract data from mobile devices illegally First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/amnesty-accuses-serbia-spyware/
-
The Hidden Risks of Mobile Calls and Messages: Why EndEnd Encryption is Just the Starting Line
by
in SecurityNews
Tags: access, android, breach, business, communications, control, cybercrime, cybersecurity, data, encryption, endpoint, espionage, government, identity, intelligence, mobile, network, risk, service, startup, technology, threat, tool, update, vulnerabilityThe recent breaches of sovereign telecom networks in the United States, underscores how highly connected but fragmented public networks are increasingly vulnerable to sophisticated attacks. Another rising concern is the blind trust organizations and individuals put into consumer-grade messaging apps such as WhatsApp to share government and commercially-sensitive information. Some of the biggest risks concerning these…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 24
by
in SecurityNewsSecurity Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. PROXY.AM Powered by Socks5Systemz Botnet AppLite: A New AntiDot Variant Targeting Mobile Employee Devices Inside Zloader’s Latest Trick: DNS Tunneling BSI points out pre-installed malware on IoT devices Declawing PUMAKIT Image-Based Malware Classification Using QR and…
-
Why the Recent Telecom Hack Underscores the Need for EndEnd Encryption
by
in SecurityNewsThe recent massive telecom hack by the Chinese state-sponsored group Salt Typhoon has highlighted critical vulnerabilities in traditional communication systems. The breach targeted major U.S. telecom providers, including Verizon, AT&T, and T-Mobile, compromising sensitive communications of government officials, political entities, and businesses. Attackers accessed call records, unencrypted text messages, and even live call audio by……
-
Russian cyberspies target Android users with new spyware
Russian cyberspies Gamaredon has been discovered using two Android spyware families named ‘BoneSpy’ and ‘PlainGnome’ to spy on and steal data from mobile devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/russian-gamaredon-cyberspies-target-android-users-with-new-spyware/
-
Experts discovered the first mobile malware families linked to Russia’s Gamaredon
by
in SecurityNewsThe Russia-linked APT Gamaredon used two new Android spyware tools called BoneSpy and PlainGnome against former Soviet states. Lookout researchers linked the BoneSpy and PlainGnome Android surveillance families to the Russian APT group Gamaredon (a.k.a. Armageddon, Primitive Bear, and ACTINIUM). These are the first known mobile malware families linked to the Russian APT. The cyberespionage group is behind a…
-
Chinese Cops Caught Using Android Spyware to Track Mobile Devices
Law enforcement across mainland China have been using EagleMsgSpy surveillance tool to collect mobile device data since at least 2017, new research shows. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/chinese-cops-using-android-spyware-track-mobile-devices
-
Die wichtigsten Cybersecurity-Prognosen für 2025
by
in SecurityNews
Tags: access, ai, apple, apt, cloud, cyberattack, cybercrime, cybersecurity, cyersecurity, data, deep-fake, governance, incident response, jobs, kritis, malware, military, mobile, nis-2, ransomware, service, software, stuxnet, supply-chain -
Experts discovered surveillance tool EagleMsgSpy used by Chinese law enforcement
Chinese law enforcement uses the mobile surveillance tool EagleMsgSpy to gather data from Android devices, as detailed by Lookout. Researchers at the Lookout Threat Lab discovered a surveillance tool, dubbed EagleMsgSpy, used by Chinese law enforcement to spy on mobile devices. The researchers analyzed multiple samples of the malware and gained access to internal documents obtained from…
-
Gamaredon Deploys Android Spyware “BoneSpy” and “PlainGnome” in Former Soviet States
The Russia-linked state-sponsored threat actor tracked as Gamaredon has been attributed to two new Android spyware tools called BoneSpy and PlainGnome, marking the first time the adversary has been discovered using mobile-only malware families in its attack campaigns.”BoneSpy and PlainGnome target former Soviet states and focus on Russian-speaking victims,” Lookout said in an analysis. “Both…