ESET researchers found a spying campaign targeting Android users. The campaign uses fake messaging apps that include XploitSPY malware. The campaign, called eXotic Visit, has been active from November 2021 to the end of 2023. Malicious Android apps were distributed through targeted campaigns using dedicated websites and the Google Play …

CISA issued nine advisories about Industrial Control Systems (ICS) on April 11, 2024. These advisories give important information about security issues, vulnerabilities, and exploits related to ICS. ICSA-24-102-01 Siemens SIMATIC S7-1500 ICSA-24-102-02 Siemens SIMATIC WinCC ICSA-24-102-03 Siemens RUGGEDCOM APE1808 before V11.0.1 ICSA-24-102-04 Siemens RUGGEDCOM APE1808 ICSA-24-102-05 Siemens Scalance W1750D ICSA-24-102-06 …

Apple warned users in 91 other countries about a possible “mercenary spyware attack”. Apple notified Reuters that the company found evidence of attackers attempting to remotely compromise iPhones. Mercenary spyware attacks are rare but much more sophisticated than regular cybercriminal activity or malware, as stated in the email. Apple also …

CISA has launched a new malware analysis system called Malware Next-Gen. It allows organizations to submit malware samples and suspicious artifacts for analysis, helping CISA to better support partners by automating analysis of new malware and improving cyber defense efforts. Network defenders need timely and useful information about malware, including …

Google has launched an updated version of Find My Device, which helps people keep track of their numerous devices more easily. This new version also allows users to track their phones even when they are turned off or have run out of battery. Android users with devices other than phones …

Microsoft fixed two zero-day vulnerabilities in April 2024 Patch Tuesday, but they didn’t label them as such at first. CVE-2024-26234 is a vulnerability that involves a malicious driver being signed with a valid Microsoft Hardware Publisher Certificate. It was discovered by Sophos X-Ops in December 2023 and reported by team …

Microsoft released a patch on Tuesday, April 2024. It includes security updates for 150 flaws and 67 remote code execution bugs. Only three important vulnerabilities were fixed by Patch Tuesday. However, there are more than sixty-seven remote code execution bugs. The majority of these bugs are located in Microsoft SQL …

Fortinet has released security updates for various products, including OS and FortiProxy, to fix vulnerabilities that could allow a cyber threat actor to take control of a system. CISA encourages users and administrators to take the following steps for enhanced security: FR-IR-23-345 FortiClientMac – Lack of configuration file validation: An …

Data of over 7.5 million boAt customers is now on the dark web. This includes personal information like names, addresses, contact numbers, email IDs, and customer IDs. The attacker has released around 2GB of data on a forum. On April 5, a hacker named ShopifyGUY said they hacked the data …

What Is Orbot? Orbot is a free app created by the Guardian Project. It helps protect your privacy by routing your internet traffic through the Tor network, which encrypts your data and conceals your online activity, keeping your identity and location private. How Does Orbot Work? Here’s a breakdown of …