Meta has lots of data through Instagram, WhatsApp, and Facebook, but that’s not enough for them. Court filings unsealed last week allege Meta created an internal effort to spy on Snapchat in a secret initiative called “Project Ghostbusters.” Meta did so through Onavo, a Virtual Private Network (VPN) service the…Read more...
A new variant of "TheMoon" malware botnet has been spotted infecting thousands of outdated small office and home office (SOHO) routers and IoT devices in 88 countries. [...]
Several Apple customers recently reported being targeted in elaborate phishing attacks that involve what appears to be a bug in Apple's password reset feature. In this scenario, a target's Apple devices are forced to display dozens of system-level prompts that prevent the devices from being used until the recipient responds "Allow" or "Don't Allow" to each prompt. Assuming the user manages not to fat-finger the wrong button on the umpteenth password reset request, the scammers will then call the victim while spoofing Apple support in the caller ID, saying the user's account is under attack and that Apple support needs to "verify" a one-time code.
CoinDesk:
The US DOJ charges crypto exchange KuCoin and two co-founders with violating anti-money laundering laws, failing to register with the US government, and more — The exchange was charged under the Bank Secrecy Act. — U.S. federal prosecutors charged crypto exchange KuCoin and two of its founders …
Several free Android VPN apps have been found to support a malicious residential proxy operation named ‘Proxylib.’ Proxylib infects Android devices with an agent that conceals malicious activities such as ad fraud, bot usage, or more dangerous operations like malware distribution and phishing campaigns. The agent routes user traffic through the infected Android devices, making …
The post Free VPN Apps on Google Play Turn Phones into Proxies appeared first on RestorePrivacy.
Chris Dolmetsch / Bloomberg:
Ripple says the SEC plans to release a public brief on Tuesday seeking $2B in fines and penalties in its case against Ripple over sales of the XRP crypto token — The regulator is slated to release a public brief on Tuesday, Stuart Alderoty, Ripple's chief legal officer, said in a separate post on X on Monday.
'Pay or Consent' May Violate the Digital Services Act, Say EU OfficialsThe European Commission will scrutinize Meta's pivot to a subscription model in response to a string of rulings from data protection boards limiting the social media giant's ability to legally collect user data. Europe announced a slew of investigations into American big-tech companies.
Systems have been pulled offline as a precaution Exclusive The Communications Workers Union (CWU), which represents hundreds of thousands of employees in sectors across the UK economy including tech and telecoms, is currently working to mitigate a cyberattack.…
Academic researchers developed ZenHammer, the first variant of the Rowhammer DRAM attack that works on CPUs based on recent AMD Zen microarchitecture that map physical addresses on DDR4 and DDR5 memory chips. [...]
A recent malware campaign against Python developers is the latest example of the craftiness and resourcefulness of attackers who target the software supply chain, according to cybersecurity researchers. Victims of the “far-reaching” operation included individual developers who publicly wrote about their incidents, as well as members of Top.gg — a community for people who
Cybercriminals have been increasingly using a new phishing-as-a-service (PhaaS) platform named 'Tycoon 2FA' to target Microsoft 365 and Gmail accounts and bypass two-factor authentication (2FA) protection. [...]