Targeted Dream Incubation, TikTok Data Sharing, Chrome and Firefox Updates

Is dream hacking the next big privacy concern or just a new marketing gimmick? Some people may be surprised that TikTok shares data with China, and details on Google Chrome adding HTTPS-first mode and Firefox easing its blocking of Facebook login b…

LuminousMoth APT: Sweeping attacks for the chosen few

We recently came across unusual APT activity that was detected in high volumes, albeit most likely aimed at a few targets of interest. Further analysis revealed that the actor, which we dubbed LuminousMoth, shows an affinity to the HoneyMyte group, otherwise known as Mustang Panda.

Suspected Iranian hackers exploit VPN, Telegram to monitor dissidents

For the last six years, hackers have stalked Iranian dissidents with spying tools that mimic the software those dissidents use to protect their communications, security firm Kaspersky said Wednesday. Researchers from Kaspersky and other firms only recently pieced together the activity, showing the limits of the cyber industry’s knowledge of Tehran-linked hacking against those who often bear the brunt of it: Iranian citizens. While Kaspersky researchers did not attribute the hacking to the Iranian government, FireEye, another security firm, said it suspected the hackers were affiliated with Tehran. The findings are consistent with a surveillance dragnet that Iranian authorities have used to jail and beat protesters who challenge the regime. Iranian security services killed 304 people in a 2019 crackdown, according to Amnesty International. The hackers, Kaspersky said, have sent their targets malware-laced images and videos claiming to be from prisoners in Iran. When opened, the malicious documents hijack users’ […]

The post Suspected Iranian hackers exploit VPN, Telegram to monitor dissidents appeared first on CyberScoop.


Ferocious Kitten: 6 years of covert surveillance in Iran

Ferocious Kitten is an APT group that has been targeting Persian-speaking individuals in Iran. Some of the TTPs used by this threat actor are reminiscent of other groups, such as Domestic Kitten and Rampant Kitten. In this report we aim to provide more details on these findings.

PuzzleMaker attacks with Chrome zero-day exploit chain

We detected a wave of highly targeted attacks against multiple companies. Closer analysis revealed that all these attacks exploited a chain of Google Chrome and Microsoft Windows zero-day exploits.

Apple, Google, Microsoft, and Mozilla Partner on Browser Extensions

The makers of the world’s most popular web browsers are teaming up to improve the security and usability of browser extensions.
The post Apple, Google, Microsoft, and Mozilla Partner on Browser Extensions appeared first on Thurrott.com.

Tripwire Patch Priority Index for May 2021

Tripwire’s May 2021 Patch Priority Index (PPI) brings together important vulnerabilities from Google Chrome, Adobe and Microsoft. First on the patch priority list this month are patches for macOS (CVE-2021-30657) and Google Chrome (CVE-2021-21220). Exp…

Fake Microsoft Authenticator extension discovered in Chrome Store

I hope you’re being cautious if you’re installing extensions from the Chrome Web Store for your browser and care about your online security.

Because it’s reported that a bogus Chrome add-on purporting to be “Microsoft Authenticator” successfully man…