Researchers Uncover 46 Critical Flaws in Solar Inverters From Sungrow, Growatt, and SMA
Summary: Researchers have identified 46 vulnerabilities in solar inverter products from Sungrow, Growatt, and SMA, potentially allowing attackers to execute remote code or take control of devices, posing severe risks to electrical grids. The vulnerabilities, dubbed SUN:DOWN, could lead to significant disruptions and potential blackouts if exploited.…

Summary: The video discusses the implications of removing local admin privileges in organizations, particularly in the context of traditional Active Directory setups. While there are valid reasons to restrict these privileges, the belief that doing so entirely prevents unauthorized code execution is misleading.

Keypoints:

Many organizations seek to remove local admin privileges to enhance security.…
Investigative Journalists in Serbia Hit by Advanced Spyware Attack
Summary: Two Serbian journalists from the Balkan Investigative Reporting Network (BIRN) were targeted with Pegasus spyware, confirming a disturbing trend of digital surveillance against civil society in Serbia. This incident marks the third use of Pegasus spyware against Serbian activists in recent years, highlighting the ongoing repression and intimidation faced by journalists.…
CISA Issues Urgent Security Alerts: Critical Vulnerabilities in Schneider Electric, Chrome, and Sitecore
Summary: The Cybersecurity and Infrastructure Security Agency (CISA) has released advisories for critical vulnerabilities that could impact various systems, particularly Schneider Electric’s EcoStruxure Power Monitoring Expert, Google Chrome, and Sitecore CMS/XP. These vulnerabilities pose significant risks, including remote code execution and arbitrary code execution, and organizations are urged to implement mitigations and keep their systems updated.…
Firefox Patch Released as Mozilla Addresses Chrome-Like Security Threat
Summary: Mozilla has released an urgent update for Firefox on Windows to fix a critical sandbox escape vulnerability (CVE-2025-2857) that may allow unauthorized system access. This update comes in response to a recent similar exploit found in Google Chrome, highlighting growing concerns over browser security. Users are strongly urged to update their browsers immediately to ensure protection against this and similar vulnerabilities.…
Pakistan-Linked APT Exploits Youth Laptop Scheme in Cyberattack Targeting India
Summary: A new cybersecurity report by CYFIRMA reveals a sophisticated cyberattack targeting Indian users, allegedly led by a Pakistan-based APT group, APT36. The attackers created a fraudulent website mimicking the Indian Post Office to distribute malware to Windows and Android devices. The report details the tactics used by the group, including spear-phishing and the distribution of malicious applications, to compromise targets and exfiltrate sensitive data.…
APT36 Spoofs India Post Website to Infect Windows and Android Users with Malware
Summary: An APT group linked to Pakistan, referred to as APT36 or Transparent Tribe, has launched a fake website mimicking India’s postal system to infect users on both Windows and Android platforms. The site delivers malware through a deceptive PDF for Windows users and a malicious app for Android users, both of which are designed to harvest sensitive information.…
Russia arrests three for allegedly creating Mamont malware, tied to over 300 cybercrimes
Summary: Russian authorities have arrested three individuals linked to the development of Mamont malware, a banking trojan targeting Android devices. The malware allows criminals to transfer funds and collect sensitive information from infected devices while spreading through deceptive channels like Telegram. Authorities continue to crack down on cybercrime amid growing concerns about SMS-based fraud.…
Top 3 MS Office Exploits Hackers Use in 2025 – Stay Alert!
Summary: Hackers continue to exploit Microsoft Office documents, using phishing attacks, vulnerabilities, and creative tactics to gain access to systems. This article highlights three primary exploits: phishing with Office files, the CVE-2017-11882 Equation Editor exploit, and the Follina vulnerability. Organizations must take proactive steps to secure their environments against these persistent threats.…
More Solar System Vulnerabilities Expose Power Grids to Hacking 
Summary: Researchers at Forescout have identified over 90 vulnerabilities within solar power products from leading vendors like Sungrow, Growatt, and SMA, highlighting serious risks to electrical grids. Newly discovered vulnerabilities could allow attackers to hijack inverters and execute arbitrary code, potentially disrupting power supply and compromising user data.…
T-Mobile Coughed Up  Million in SIM Swap Lawsuit
Summary: Greenberg Glusker secured a million arbitration award against T-Mobile following a SIM swap attack that led to significant cryptocurrency theft. The attack exploited T-Mobile’s security failures, allowing an attacker to gain control of customer accounts. This case highlights the ongoing vulnerabilities in telecommunications security and the urgent need for better protections against SIM swapping.…
SnapCenter Security Flaw Rated Critical—NetApp Urges Immediate Patch
Summary: A critical security vulnerability (CVE-2025-26512) has been discovered in NetApp’s SnapCenter software, allowing authenticated users to escalate privileges and gain unauthorized administrative access. This flaw affects SnapCenter versions prior to 6.0.1P1 and 6.1P1, with a CVSS score of 9.9. While no public exploitation has been detected, organizations are urged to update to the latest versions to mitigate risks.…
Multiple CVEs Found in Ingress-NGINX—Patch Now to Prevent Cluster Compromise
Summary: A set of vulnerabilities in Ingress-NGINX Controller for Kubernetes poses significant security risks, including unauthorized remote code execution and potential full cluster takeover for versions prior to 1.12.1 and 1.11.5. The Australian Cyber Security Centre has outlined specific vulnerabilities that could allow attackers to manipulate configurations and access sensitive credentials.…