double software

Are you interested in reducing your risk profile? Jamf has a solution for that

The threat landscape has changed dramatically over the past decade. As cybercriminals continue to search for new ways to access networks and steal sensitive information, the surface of mobile attacks is expanding as well. Mobile devices have not only become more powerful but also become more vulnerable to cyber attacks, making mobile security an increasingly …

Are you interested in reducing your risk profile? Jamf has a solution for that Read More »

Uber blames LAPSUS$ Hacking Group for recent security breach

On Monday, Uber revealed more details regarding the security incident that occurred last week, commenting the attack on a threat actor it believes is linked to the popular hacking group LAPSUS$. “This group typically uses similar technologies to target tech companies, and in 2022 alone Microsoft, Cisco, Samsung, NVIDIA, and Okta, among others,” the San …

Uber blames LAPSUS$ Hacking Group for recent security breach Read More »

Chinese hackers used ScanBox framework in recent cyber espionage attacks

The months-long cyber espionage campaign carried out by a group of Chinese nation-states targeted several entities with malicious reconnaissance software to collect information on their victims and achieve their strategic goals. “The targets of this latest campaign have extended to Australia, Malaysia and Europe, as well as entities operating in the South China Sea,” enterprise …

Chinese hackers used ScanBox framework in recent cyber espionage attacks Read More »

What is it and how can you protect yourself from it

Organizations and security teams are working to protect themselves from any vulnerability, often unaware that the risk is also from configurations in SaaS applications that are not hardened. The newly published GIFShell attack method, which occurs through Microsoft Teams, is a perfect example of how threat actors can exploit legitimate features and configurations that are …

What is it and how can you protect yourself from it Read More »

Microsoft discovered a severe “one-click” exploit of the TikTok Android app

Microsoft on Wednesday revealed details of a now-patched “high-risk vulnerability” in the TikTok app for Android that could allow attackers to take over accounts when victims click on a malicious link. “Attacks could take advantage of the vulnerability to unconsciously hijack an account if the target user simply clicked on a specially crafted link,” Demetrius …

Microsoft discovered a severe “one-click” exploit of the TikTok Android app Read More »

Over 1,800 Android and iOS apps found leaking statically encrypted AWS credentials

Researchers have identified 1,859 apps across Android and iOS that contain encrypted Amazon Web Services (AWS) credentials, posing a significant security risk. “More than three-quarters (77%) of applications contained valid AWS access tokens that allow access to private AWS cloud services,” Symantec’s Threat Hunter team, part of Broadcom Software, said in a report shared with …

Over 1,800 Android and iOS apps found leaking statically encrypted AWS credentials Read More »

Apple releases iOS and macOS updates to patch actively exploited Zero-Day bug

Apple has released another round of security updates to address several vulnerabilities in iOS and macOS, including a new flaw that has been used in attacks in the wild. The problem is, the identifier is set CVE-2022-32917is rooted in the Kernel component and can enable a malicious application to execute arbitrary code with kernel privileges. …

Apple releases iOS and macOS updates to patch actively exploited Zero-Day bug Read More »