Legitimate Android app iRecorder turns malicious within a year, spies on its users, ESET Research discovers

May 23, 2023

As a Google App Defense Alliance partner, ESET detected a trojanized app available on the Google Play Store and named the AhMyth-based malware it contained AhRat. ESET researchers have discovered a trojanized Android app named iRecorder – Screen Recorder. It was available on Google Play as a legitimate app in September 2021, with malicious functionality … More Legitimate Android app iRecorder turns malicious within a year, spies on its users, ESET Research discovers

Android phones are vulnerable to fingerprint brute-force attacks

May 22, 2023

Bleeping computer reports* that Researchers at Tencent Labs and Zhejiang University have presented a new attack called ‘BrutePrint,’ which brute-forces fingerprints on modern smartphones to bypass user authentication and take control of the device. Brute-force attacks rely on many trial-and-error attempts to crack a code, key, or password and gain unauthorized access to accounts, systems, … More Android phones are vulnerable to fingerprint brute-force attacks

5 useful search engines for internet‑connected devices and services

May 19, 2023

A roundup of some of the handiest tools that security professionals can use to search for and monitor devices that are accessible from the internet. Internet security is a constant concern for technology and cybersecurity professionals. With the ever-increasing number of online devices and services, it is important to have a clear and accurate view … More 5 useful search engines for internet‑connected devices and services

New Google ZIP domains spark debate among cybersecurity experts

May 18, 2023

According to Bleeping Computer*, Cybersecurity researchers and IT admins have raised concerns over Google’s new ZIP and MOV Internet domains, warning that threat actors could use them for phishing attacks and malware delivery. Earlier this month, Google introduced eight new top-level domains (TLD) that could be purchased for hosting websites or email addresses. The new … More New Google ZIP domains spark debate among cybersecurity experts

Meet “AI”, your new colleague: could it expose your company’s secrets?

May 18, 2023

Before rushing to embrace the LLM-powered “hire”, make sure your organization has safeguards in place to avoid putting its business and customer data at risk. Chatbots powered by large language models (LLMs) are not just the world’s new favorite pastime. The technology is increasingly being recruited to boost workers’ productivity and efficiency, and given its … More Meet “AI”, your new colleague: could it expose your company’s secrets?