The Dark Nexus Between Harm Groups and ‘The Com’

Credit to Author: BrianKrebs| Date: Fri, 13 Sep 2024 12:16:45 +0000

A cyberattack that shut down some of the top casinos in Las Vegas last year quickly became one of the most riveting security stories of 2023: It was the first known case of native English-speaking hackers in the United States and Britain teaming up with ransomware gangs based in Russia. But that made-for-Hollywood narrative has eclipsed a far more hideous trend: Many of these young, Western cybercriminals are also members of fast-growing online groups that exist solely to bully, stalk, harass and extort vulnerable teens into physically harming themselves and others.

Read more

Google and Apple cooperate to address unwanted tracking

Categories: News

Categories: Privacy

Tags: Google

Tags: Apple

Tags: AirTag

Tags: Tile

Tags: Samsung

Tags: Bluetooth

Tags: trackers

Tags: stalking

Tags: car thieves

Google and Apple want to create a specification for tech that alerts users when they’re being tracked by AirTags and similar devices.

(Read more…)

The post Google and Apple cooperate to address unwanted tracking appeared first on Malwarebytes Labs.

Read more

Google reveals 18 chip vulnerabilities threatening mobile, wearables, vehicles

Categories: News

Tags: android

Tags: google

Tags: samsung

Tags: chip

Tags: VoLTE

Tags: modem

Tags: chipset

Tags: vulnerability

Tags: pixel

Tags: CVE-2023-24033

We take a look at multiple vulnerabilities highlighted by Google’s Project Zero team, and what you can do to ward off the threat of attack.

(Read more…)

The post Google reveals 18 chip vulnerabilities threatening mobile, wearables, vehicles appeared first on Malwarebytes Labs.

Read more

Samsung adds Message Guard protection against zero-click exploits

Categories: Android

Categories: News

Tags: Samsung

Tags: message guard

Tags: sandbox

Tags: zero-click exploit

Tags: images

Tags: attachments

Samsung has announced the introduction of Message Guard protection against zero-click exploits for the Samsung Galaxy S23 series.

(Read more…)

The post Samsung adds Message Guard protection against zero-click exploits appeared first on Malwarebytes Labs.

Read more

Maintenance Mode aims to keep phone data private during repairs

Categories: News

Tags: Samsung

Tags: mobile

Tags: cellphone

Tags: device

Tags: maintenance mode

Tags: privacy

Tags: security

Tags: data

Tags: snooping

Tags: repairs

Tags: fix

We take a look at a new mode developed by Samsung which aims to keep data safe during a repair.

(Read more…)

The post Maintenance Mode aims to keep phone data private during repairs appeared first on Malwarebytes Labs.

Read more

Update now! October patch Tuesday fixes actively used zero-day…but not the one you expected

Categories: Exploits and vulnerabilities

Categories: News

Tags: Microsoft

Tags: Apple

Tags: Google

Tags: Android

Tags: Samsung

Tags: Xiaomi

Tags: Adobe

Tags: SAP

Tags: VMWare

Tags: Fortinet

Tags: CVE-2022-41033

Tags: CVE-2022-41040

Tags: zero-day

No fix for ProxyNotShell

(Read more…)

The post Update now! October patch Tuesday fixes actively used zero-day…but not the one you expected appeared first on Malwarebytes Labs.

Read more

Update now! Microsoft patches two zero-days

Categories: News

Tags: CVE-2022-37969

Tags: CVE-2022-23960

Tags: CVE-2022-35805

Tags: CVE-2022-34700

Tags: CVE-2022-34718

Tags: CVE-2022-34721

Tags: CVE-2022-34722

Tags: Microsoft

Tags: Adobe

Tags: Android

Tags: Apple

Tags: Cisco

Tags: Google

Tags: Samsung

Tags: SAP

Tags: VMWare

The September 2022 Patch Tuesday updates includes two zero-day vulnerabilities, one of which is known to be used in attacks

(Read more…)

The post Update now! Microsoft patches two zero-days appeared first on Malwarebytes Labs.

Read more

Leaked Chats Show LAPSUS$ Stole T-Mobile Source Code

Credit to Author: BrianKrebs| Date: Fri, 22 Apr 2022 13:09:39 +0000

KrebsOnSecurity recently reviewed a copy of the private chat messages between members of the LAPSUS$ cybercrime group in the week leading up to the arrest of its most active members last month. The logs show LAPSUS$ breached T-Mobile multiple times in March, stealing source code for a range of company projects. T-Mobile says no customer or government information was stolen in the intrusion. LAPSUS$ is known for stealing data and then demanding a ransom not to publish or sell it. But the leaked chats indicate this mercenary activity was of little interest to the tyrannical teenage leader of LAPSUS$, whose obsession with stealing and leaking proprietary computer source code from the world’s largest tech companies ultimately led to the group’s undoing.

Read more