CrowdStrike Reveals Root Cause of Global System Outages
Cybersecurity company CrowdStrike has published its root cause analysis detailing the Falcon Sensor software update crash that crippled millions of Windows devices globally. The « Channel File 291 » incident, as originally highlighted in its Preliminary Post Incident Review (PIR), has been traced back to a content validation issue that arose after it introduced a new Template […]
Les opérateurs téléphoniques inclus dans la lutte contre la fraude bancaire en Russie
Depuis le 25 juillet 2024, les banques russes ont commencé à restituer aux clients les fonds volés par les fraudeurs dans le cadre d’un nouveau système antipiratage de carte bancaire. Les opérateurs téléphoniques sont impliqués dans la chasse aux pirates.
Arnaques crypto : nouvelle méthode de drainage des fonds sur le réseau TON
Les arnaques en crypto-monnaies continuent d’évoluer, exploitant la confiance des utilisateurs et les technologies de pointe pour dérober des fonds.
Un Milliardaire Chinois en exil reconnu coupable d’escroquerie 2.0
Un milliardaire chinois exilé aux USA connu pour ses virulentes critiques du Parti communiste chinois a été reconnu coupable escroqué ses abonnés en ligne de centaines de millions de dollars.
Chameleon Android Banking Trojan Targets Users Through Fake CRM App
Cybersecurity researchers have lifted the lid on a new technique adopted by threat actors behind the Chameleon Android banking trojan targeting users in Canada by masquerading as a Customer Relationship Management (CRM) app. « Chameleon was seen masquerading as a CRM app, targeting a Canadian restaurant chain operating internationally, » Dutch security outfit ThreatFabric said in a […]
Apple’s New macOS Sequoia Tightens Gatekeeper Controls to Block Unauthorized Software
Apple on Tuesday announced an update to its next-generation macOS version that makes it a little more difficult for users to override Gatekeeper protections. Gatekeeper is a crucial line of defense built into macOS designed to ensure that only trusted apps run on the operating system. When an app is downloaded from outside of the […]
INTERPOL Recovers $41 Million in Largest Ever BEC Scam in Singapore
INTERPOL said it devised a « global stop-payment mechanism » that helped facilitate the largest-ever recovery of funds defrauded in a business email compromise (BEC) scam. The development comes after an unnamed commodity firm based in Singapore fell victim to a BEC scam in mid-July 2024. It refers to a type of cybercrime where a malicious actor […]
North Korean Hackers Moonstone Sleet Push Malicious JS Packages to npm Registry
The North Korea-linked threat actor known as Moonstone Sleet has continued to push malicious npm packages to the JavaScript package registry with the aim of infecting Windows systems, underscoring the persistent nature of their campaigns. The packages in question, harthat-api and harthat-hash, were published on July 7, 2024, according to Datadog Security Labs. Both the […]
Suspicious Minds: Insider Threats in The SaaS World
Everyone loves the double-agent plot twist in a spy movie, but it’s a different story when it comes to securing company data. Whether intentional or unintentional, insider threats are a legitimate concern. According to CSA research, 26% of companies who reported a SaaS security incident were struck by an insider. The challenge for many is […]
New Android Spyware LianSpy Evades Detection Using Yandex Cloud
Users in Russia have been the target of a previously undocumented Android post-compromise spyware called LianSpy since at least 2021. Cybersecurity vendor Kaspersky, which discovered the malware in March 2024, noted its use of Yandex Cloud, a Russian cloud service, for command-and-control (C2) communications as a way to avoid having a dedicated infrastructure and evade […]