January 22, 2024 – INDIA NEWS

MavenGate Attack Could Let Hackers Hijack Java and Android via Abandoned Libraries

admin10 months ago08 mins

[ad_1] Several public and popular libraries abandoned but still used in Java and Android applications have been found susceptible to a new software supply chain attack method called MavenGate. “Access to projects can be hijacked through domain name purchases and since most default build configurations are vulnerable, it would be difficult or even impossible to…

North Korean Hackers Weaponize Fake Research to Deliver RokRAT Backdoor

admin10 months ago05 mins

[ad_1] Jan 22, 2024NewsroomCyber Attack / Hacking Media organizations and high-profile experts in North Korean affairs have been at the receiving end of a new campaign orchestrated by a threat actor known as ScarCruft in December 2023. “ScarCruft has been experimenting with new infection chains, including the use of a technical threat research report as…

52% of Serious Vulnerabilities We Find are Related to Windows 10

admin10 months ago013 mins

[ad_1] We analyzed 2,5 million vulnerabilities we discovered in our customer’s assets. This is what we found. Digging into the data The dataset we analyze here is representative of a subset of clients that subscribe to our vulnerability scanning services. Assets scanned include those reachable across the Internet, as well as those present on internal…

NS-STEALER Uses Discord Bots to Exfiltrate Your Secrets from Popular Browsers

admin10 months ago03 mins

[ad_1] Jan 22, 2024NewsroomBrowser Security / Cyber Threat Cybersecurity researchers have discovered a new Java-based “sophisticated” information stealer that uses a Discord bot to exfiltrate sensitive data from compromised hosts. The malware, named NS-STEALER, is propagated via ZIP archives masquerading as cracked software, Trellix security researcher Gurumoorthi Ramanathan said in an analysis published last week….

FTC Bans InMarket for Selling Precise User Location Without Consent

admin10 months ago07 mins

[ad_1] Jan 22, 2024NewsroomPrivacy / Technology The U.S. Federal Trade Commission (FTC) is continuing to clamp down on data brokers by prohibiting InMarket Media from selling or licensing precise location data. The settlement is part of allegations that the Texas-based company did not inform or seek consent from consumers before using their location information for…

Apache ActiveMQ Flaw Exploited in New Godzilla Web Shell Attacks

admin10 months ago03 mins

[ad_1] Jan 22, 2024NewsroomVulnerability / Malware Cybersecurity researchers are warning of a “notable increase” in threat actor activity actively exploiting a now-patched flaw in Apache ActiveMQ to deliver the Godzilla web shell on compromised hosts. “The web shells are concealed within an unknown binary format and are designed to evade security and signature-based scanners,” Trustwave…