A campaign targeting major Iranian banks has been discovered, involving an Android mobile banking Trojan that steals login credentials, credit card information, and intercepts SMS for one-time password codes, with new app variants and capabilities being identified.
Cybersecurity company Hunters’ Team Axon discovers a vulnerability in Google Workspace and the Google Cloud Platform (GCP) known as “DeleFriend,” allowing threat actors to manipulate existing delegations and potentially exfiltrate sensitive data.
An international law enforcement operation led by Europol and the European Union Agency for Criminal Justice Cooperation has successfully dismantled a ransomware group in Ukraine responsible for high-profile attacks on corporations worldwide.
The use of generative AI tools like ChatGPT has led to a significant increase in phishing attacks, although cybercriminals themselves are skeptical and wary of the risks associated with these tools.
North Korean APT groups, including Lazarus and BlueNoroff, are blending elements of software from RustBucket and KandyKorn campaigns to confuse victims and researchers and evade detection in their attacks on cryptocurrency exchanges and financial institutions.
Retailers must prioritize the security of their SaaS applications to protect against cyber attacks and data breaches during the holiday season.
