IT Security Newsletter

IT Security Newsletter - 6/26/2024

Written by Cadre | Wed, Jun 26, 2024

Google Disrupts More China-Linked Dragonbridge Influence Operations

Google continues to disrupt YouTube and Blogger activity associated with the China-linked Dragonbridge threat actor's long-running influence operations, with over 10,000 instances taken down in the first quarter of this year alone. In 2023, the internet giant disrupted over 65,000 YouTube and Blogger instances linked to Dragonbridge, with 50,000 other instances taken down in 2022. To date, Google has disrupted over 175,000 Dragonbridge instances.

'Snowblind' Tampering Technique May Drive Android Users Adrift

Hackers from Southeast Asia have turned Android's own best application security mechanism against itself, severing the link between kernel and application in order to perform any kind of tampering they wish. This method is being employed by new malware called "Snowblind," which targets at least one banking app in Southeast Asia. Snowblind works by abusing the ubiquitous Linux security feature "seccomp" in order to trap and modify system calls in transit.

New Medusa malware variants target Android users in seven countries

The Medusa banking trojan for Android has re-emerged after almost a year of keeping a lower profile in campaigns targeting France, Italy, the United States, Canada, Spain, the United Kingdom, and Turkey. The new activity has been tracked since May and relies on more compact variants that require fewer permissions and come with fresh features in an attempt to initiate transactions directly from the compromised device.

Polyfill.io JavaScript supply chain attack impacts over 100K sites

Over 100,000 sites have been impacted in a supply chain attack by the Polyfill.io service after a Chinese company acquired the domain and the script was modified to redirect users to malicious and scam sites. A polyfill is code, such as JavaScript, that adds modern functionality to older browsers that do not usually support it. For example, it adds JavaScript functions that are not available for older browsers but are present in modern ones.

Key Takeaways From the British Library Cyberattack

In October 2023, the British Library underwent a crippling cyberattack that took down its website, a majority of its online services, including card transactions, reader registrations, and ticket sales, along with access to its digital library catalog. The attack cost the library £7 million (US$8.9 million) in recovery costs, or about 40% of its reserve budget. Although the online catalogue was restored in January, full recovery is not expected before the end of the year.

Siemens Sicam Vulnerabilities Could Facilitate Attacks on Energy Sector

Several vulnerabilities patched recently by Siemens in some of its Sicam products could be exploited in attacks aimed at the energy sector. Siemens informed customers in May that updates released for its Sicam A8000 remote terminal unit, Sicam EGS grid sensors, and Sicam 8 power automation software address two high-severity and one medium-severity flaws. One of the security holes, CVE-2024-31484, is a buffer overread issue that can be exploited to read sensitive data from memory.

  • ...in 1906, the first Grand Prix motor race is held at Le Mans.
  • ...in 1948, Shirley Jackson's short story "The Lottery" is first published in The New Yorker magazine.
  • ...in 1948, the Berlin airlift begins, in response to the Soviet Union's blockade of supply routes into West Berlin.
  • ...in 1963, President Kennedy gives his famous "Ich bin ein Berliner" speech in support of democratic West Germany.