CRIL Researchers observed a new android banking trojan 'Brokewell,' being distributed through a phishing site disguised as the official Chrome update page. The malicious Android Banking Trojan comes equipped with various functionalities such as screen recording, keylogging and over 50 different remote commands. Upon further investigation, researchers were able to trace the trojan back to its developer, who described the trojan as capable of bypassing permission restrictions on the latest versions of the Android operating system. Developer Behind Android Banking Trojan Found Distributing Other ..read more

Hackers have honed in on a critical WP-Automatic plugin vulnerability, aiming to infiltrate WordPress websites by creating unauthorized admin accounts, according to recent reports. The flaw, identified in versions preceding 3.9.2.0 of the WP Automatic plugin, has prompted cybersecurity experts to issue urgent warnings to website owners and administrators. The vulnerability, flagged under the identifier "CVE-2024-27956," has been characterized as a high-severity issue with a CVSS score of 9.8. It pertains to a SQL injection flaw within the plugin's user authentication mechanism, which ess ..read more

By Lakshmi Mittra, SVP and Head, Clover Academy In the rapidly changing and dynamic tech environment of today, future-proofing the workforce is more essential than ever. With industries constantly innovating and adapting to new technologies, the demand for next-gen tech talent professionals capable of leading change and driving innovation is on the rise. This is where skilling steps in, acting as a key player in nurturing the next generation of tech talent. The concept of future-proofing the workforce revolves around equipping employees with the necessary skills and knowledge to adapt to new ..read more

By Roman Faithfull, Cyber Intelligence Lead, Cyjax 2024 will see more elections than any other year in history: the UK, the US, Russia, India, Taiwan and more. According to AP, at least 40 countries will go to the polls this year, and some of these contests will have ramifications way beyond their national borders. This will also make 2024 a year of misinformation, as groups both within and outside these countries look to exert their influence on the democratic process. As the US presidential election draws near, specialists caution that a combination of factors domestically and international ..read more

With more than 2 billion voters ready to cast a vote this year across 60 plus nations -including the U.S., U.K. and India - Russian state hackers are posing the biggest cyber threat to election security, researchers said. Google-owned Mandiant in a detailed report stated with “high confidence” that Russian state-sponsored cyber threat activity poses the greatest risk to elections in regions with Russian interest. “Multiple Russian groups have targeted past elections in the U.S., France, and Ukraine, and these groups have continued to demonstrate the capability and intent to target elections b ..read more

CISA (Cybersecurity & Infrastructure Security Agency) has shared an ICS (Industrial Control Systems) advisory regarding several vulnerabilities present in Honeywell products, including Experion PKS, Experion LX, PlantCruise by Experion, Safety Manager, and Safety Manager SC. The advisory outlines multiple vulnerabilities which could lead to remote code execution, privilege escalation, and sensitive information disclosure. The Honeywell product vulnerabilities are described as affecting the chemical, critical manufacturing, energy, water and wastewater systems critical-infrastructure indus ..read more

American private equity firm Thoma Bravo has inked an agreement to acquire British cybersecurity giant Darktrace for $4.6bn. This all-cash transaction between Thoma Bravo and Darktrace, valued at $5.3bn, marks a pivotal moment for both companies and the cybersecurity sector at large. The Darktrace acquisition, though pending shareholder approval, has already received the green light from the boards of both Darktrace and Thoma Bravo, signaling a strong vote of confidence in the deal's potential. Immediately following the announcement, Darktrace's shares surged by over 19%, showcasing investor ..read more

The FBI in a Thursday warning emphasized the financial risks associated with using unregistered cryptocurrency transfer services, especially considering potential law enforcement actions against these platforms. The focus of this public service announcement is on crypto transfer platforms that operate without proper registration as Money Services Businesses (MSB) and fail to comply with anti-money laundering regulations mandated by the U.S. federal law. Such platforms are frequent targets of law enforcement operations, particularly when criminals exploit them for transferring or laundering un ..read more

Volkswagen, the automotive giant, finds itself at the center of a large-scale cyber operation, with suspicions pointing toward hackers operating from China. The Volkswagen cyberattack, which occurred over a decade ago but continues to reverberate today, sheds light on Chinese hackers and their espionage activities.  The stolen data from the multiple-year Volkswagen cyberattack, described as "explosive," includes sensitive information on Volkswagen's internal workings, ranging from development plans for gasoline engines to crucial details about e-mobility initiatives. Investigations led b ..read more

In response to this growing threat, the Cybersecurity and Infrastructure Security Agency (CISA) has launched the Ransomware Vulnerability Warning Pilot (RVWP). This initiative focuses on proactive risk reduction through direct communication with the federal government, state, local, tribal, territorial (SLTT) government, and critical infrastructure entities. The goal is to prevent threat actors from accessing and deploying ransomware on their networks. Ransomware, a persistent threat to critical services, businesses, and communities worldwide, continues to evolve, causing costly and disruptiv ..read more