Le Canada interdit les applications WeChat et Kaspersky sur les appareils du gouvernement

Le Canada a annoncé l’interdiction de l’utilisation des applications de Tencent et Kaspersky sur les appareils mobiles gouvernementaux. Invoqué, un niveau inacceptable de risque pour la vie privée et la sécurité du pays. « Le gouvernement du Canada s’engage à assurer la sécurité des informations et des réseaux gouvernementaux« , a déclaré le porte parole du gouvernement […]

Google Chrome masquera les véritables adresses IP des utilisateurs

Google se prépare à commencer à tester une nouvelle fonctionnalité de protection IP dans le navigateur Chrome. Cette solution devrait améliorer la confidentialité des utilisateurs en masquant leurs adresses IP à l’aide des propres serveurs proxy de Google. Google prévoit de tester la protection IP entre la sortie de Chrome 119 et Chrome 225. Les […]

Mysterious Kill Switch Disrupts Mozi IoT Botnet Operations

The unexpected drop in malicious activity connected with the Mozi botnet in August 2023 was due to a kill switch that was distributed to the bots. « First, the drop manifested in India on August 8, » ESET said in an analysis published this week. « A week later, on August 16, the same thing happened in China. While the […]

48 Malicious npm Packages Found Deploying Reverse Shells on Developer Systems

A new set of 48 malicious npm packages have been discovered in the npm repository with capabilities to deploy a reverse shell on compromised systems. « These packages, deceptively named to appear legitimate, contained obfuscated JavaScript designed to initiate a reverse shell on package install, » software supply chain security firm Phylum said. All the counterfeit packages have […]

CanesSpy Spyware Discovered in Modified WhatsApp Versions

Cybersecurity researchers have unearthed a number of WhatsApp mods for Android that come fitted with a spyware module dubbed CanesSpy. These modified versions of the instant messaging app have been observed propagated via sketchy websites advertising such software as well as Telegram channels used primarily by Arabic and Azerbaijani speakers, one of which boasts 2 million […]

Predictive AI in Cybersecurity: Outcomes Demonstrate All AI is Not Created Equally

Here is what matters most when it comes to artificial intelligence (AI) in cybersecurity: Outcomes.  As the threat landscape evolves and generative AI is added to the toolsets available to defenders and attackers alike, evaluating the relative effectiveness of various AI-based security offerings is increasingly important — and difficult. Asking the right questions can help you spot solutions

NodeStealer Malware Hijacking Facebook Business Accounts for Malicious Ads

Compromised Facebook business accounts are being used to run bogus ads that employ « revealing photos of young women » as lures to trick victims into downloading an updated version of a malware called NodeStealer. « Clicking on ads immediately downloads an archive containing a malicious .exe ‘Photo Album’ file which also drops a second executable written in .NET […]

Kinsing Actors Exploiting Recent Linux Flaw to Breach Cloud Environments

The threat actors linked to Kinsing have been observed attempting to exploit the recently disclosed Linux privilege escalation flaw called Looney Tunables as part of a « new experimental campaign » designed to breach cloud environments. « Intriguingly, the attacker is also broadening the horizons of their cloud-native attacks by extracting credentials from the Cloud Service Provider (CSP), » cloud