Security

Microsoft said on Wednesday that an Austria-based company named DSIRF used multiple Windows and Adobe Reader zero-days to hack organizations located in Europe and Central America. Multiple news outlets have published articles like this one, which cited marketing materials and other evidence linking DSIRF to Subzero, a malicious toolset for “automated exfiltration of sensitive/private data” and “tailored access operations [including] identification, tracking and infiltration of threats.”

Belgium noted in a statement that it has detected cyber intrusions from hacking groups tracked as APT27, APT30, APT31, and Gallium.

“We have detected malicious cyber activities that targeted the FPS Interior. These activities can be linked to the hacker groups known as Advanced Persistent Threat 27, Advanced Persistent Threat 30, Advanced Persistent Threat 31. We have detected malicious cyber activities that targeted the Belgian Defence. These activities can be linked to the hacker groups known as UNSC 2814/GALLIUM/SOFTCELL,” Belgium said on Monday.

Payment card details from customers of more than 300 restaurants have been stolen in two web-skimming campaigns targeting three online ordering platforms.

Web-skimmers, or Magecart malware, are typically JavaScript code that collects credit card data when online shoppers type it on the checkout page.

A security firm and the US government are advising the public to immediately stop using a popular GPS tracking device or to at least minimize exposure to it, citing a host of vulnerabilities that make it possible for hackers to remotely disable cars while they’re moving, track location histories, disarm alarms, and cut off fuel.

More than 10 million people rely on Ring video doorbells to monitor what's happening directly outside the front doors of their homes. The popularity of the technology has raised a question that concerns privacy advocates: Should police have access to Ring video doorbell recordings without first gaining user consent?

From the what-could-possibly-go-wrong files comes this: People hawking password-cracking software are targeting the hardware used in industrial-control facilities with malicious code that makes their systems part of a botnet, a researcher reported.

A HackerOne employee stole vulnerability reports submitted through the bug bounty platform and disclosed them to affected customers to claim financial rewards.

The rogue worker had contacted about half a dozen HackerOne customers and collected bounties “in a handful of disclosures,” the company said on Friday. HackerOne is a platform for coordinating vulnerability disclosures and intermediating monetary rewards for the bug hunter submitting the security reports.

Apple has introduced an extra layer of security coming to iOS 16, called Lockdown Mode. The Cupertino, California-based company announced the new extreme cybersecurity feature on July 6 with the aim of protecting people at risk of being attacked by targeted mercenary spyware.

Customers of some phone companies in Germany, including Vodafone and Deutsche Telekom, have had a slightly different browsing experience from those on other providers since early April. Rather than seeing ads through regular third-party tracking cookies stored on devices, they’ve been part of a trial called TrustPid.

An unusually advanced hacking group has spent almost two years infecting a wide range of routers in North America and Europe with malware that takes full control of connected devices running Windows, macOS, and Linux, researchers reported on Tuesday.