Skip to the main content.

1 min read

Articles of interest from the week of November 27, 2023

27 Malicious PyPI Packages with Thousands of Downloads Found Targeting IT Experts

An unknown threat actor has been observed publishing typosquat packages to the Python Package Index (PyPI) repository for nearly six months with an aim to deliver malware capable of gaining persistence, stealing sensitive data, and accessing cryptocurrency wallets for financial gain. (The Hacker News)

 

Dropper Service Bypassing Android Security Restrictions to Install Malware

A recently identified dropper-as-a-service (DaaS) uses a novel technique to bypass Android’s security restrictions for payload delivery, online fraud detection firm reports. (SecurityWeek)

 

CISA, FBI, and MS-ISAC Release Advisory on Rhysida Ransomware

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint Cybersecurity Advisory (CSA), Rhysida Ransomware, to disseminate known Rhysida ransomware indicators of compromise (IOCs), detection methods, and tactics, techniques, and procedures (TTPs) identified through investigations as recently as September 2023. (CISA)

 

FCC Tightens Telco Rules to Combat SIM-Swapping

Moving to clamp down on the growing scourge of SIM-swapping and port-out fraud, the Federal Communications Commission (FCC) has unveiled new rules mandating telcos to give consumers greater control of their mobile phone accounts. (SecurityWeek)

 

Zero-Day Alert: Google Chrome Under Active Attack, Exploiting New Vulnerability

Google has rolled out security updates to fix seven security issues in its Chrome browser, including a zero-day that has come under active exploitation in the wild.

Tracked as CVE-2023-6345, the high-severity vulnerability has been described as an integer overflow bug in Skia, an open source 2D graphics library. (The Hacker News)

Sign Up For Network Security News
Articles of interest from the week of October 23, 2023

Articles of interest from the week of October 23, 2023

FBI, CISA Warn of Rising AvosLocker Ransomware Attacks Against Critical Infrastructure The AvosLocker ransomware gang has been linked to attacks...

Read More
Articles of interest from the week of January 15, 2024

Articles of interest from the week of January 15, 2024

IRS, Security Summit Partners Warn of Surge in “New Client” Scams Aimed at Tax Pros As 2024 Filing Season Approaches The Internal Revenue Service and...

Read More
Articles of interest from the week of October 14, 2024

Articles of interest from the week of October 14, 2024

Chinese Researchers Break RSA Encryption With a Quantum Computer The research team, led by Wang Chao from Shanghai University, found that D-Wave’s...

Read More