InfoSec News Nuggets 7/29/2024

Paris Olympics app a ‘prime target for cybercriminals’ Analysts predict that there could be as many as four billion cyber attacks at this year’s Games. The official Paris Olympics 2024 app is particularly vulnerable. “This app handles vast amounts of personal and transactional data, making it a prime target for cybercriminals,” said Sakthi Mohan, cloud security lead at California-based Synopsys Software Integrity Group. The Paris Olympics app has already been downloaded over 10 million times on Google Play. It allows…
Read More

InfoSec News Nuggets 03/24/2023

Operation Soft Cell: Chinese Hackers Breach Middle East Telecom Providers Telecommunication providers in the Middle East are the subject of new cyber attacks that commenced in the first quarter of 2023. The intrusion set has been attributed to a Chinese cyber espionage actor associated with a long-running campaign dubbed Operation Soft Cell based on tooling overlaps. "The initial attack phase involves infiltrating Internet-facing Microsoft Exchange servers to deploy web shells used for command execution," researchers from SentinelOne…
Read More

InfoSec News Nuggets 10/21/2020

Seven mobile browsers vulnerable to address bar spoofing attacks An "address bar spoofing" vulnerability refers to a bug in a web browser that allows a malicious website to modify its real URL and show a fake one instead — usually one for a legitimate site. Address bar spoofing vulnerabilities have been around since the early days of the web, but they have never been so dangerous as they are today. While on desktop browsers there…
Read More