"A Brazilian hacking group has been targeting thirty Portuguese government and private financial institutions since 2021 in a malicious campaign called 'Operation Magalenha.'
Examples of the targeted entities include ActivoBank, Caixa Geral de Depósitos, CaixaBank, Citibanamex, Santander, Millennium BCP, ING, Banco BPI, and Novobanco.
"ESET researchers have discovered an Android app on Google Play that was hiding a new remote access trojan (RAT) dubbed AhRat.
The app, named iRecorder – Screen Recorder, has more than 50,000 installs. The app was initially uploaded to the Google Play store without malicious features on September 19th, 2021. Threat actors introduced the support for malicious functionalities in version 1.3.8 which was uploaded on August 2022.
"Microsoft is investigating service issues preventing users from accessing their Microsoft 365 accounts and blocking access to installed apps.
The company confirmed the issue in a tweet shared via the Microsoft 365 Status account and pointed admins to the Microsoft 365 Admin Center for more details.
"We're investigating an issue affecting access to https://msft.it/6016gbJ06 and Microsoft 365 apps," the company said.
"Google has updated its policy for personal accounts across its services to allow a maximum period of inactivity of two years.
After that time has passed, the accounts "may" be deleted, along with all their contents, settings, preferences, and user-saved data. This includes all data stored on services such as Gmail, Docs, Drive, Meet, Calendar, Google Photos, and YouTube.
"Apple has addressed three new zero-day vulnerabilities exploited in attacks to hack into iPhones, Macs, and iPads.
"Apple is aware of a report that this issue may have been actively exploited," the company revealed in security advisories describing the flaws.
The security bugs were all found in the multi-platform WebKit browser engine and are tracked as CVE-2023-32409, CVE-2023-28204, and CVE-2023-32373.
"The NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) is a multinational organization established to enhance cyber defence capabilities and promote cooperation among NATO member countries and partner nations.
"Cybersecurity researchers have unearthed previously undocumented attack infrastructure used by the prolific state-sponsored group SideWinder to strike entities located in Pakistan and China."
TLP1 : Green
"Meta is now rolling out 'Chat Lock,' a new WhatsApp privacy feature allowing users to block others from accessing their most personal conversations.
Chat Lock will create a new folder that can be locked with a password or biometric methods like a fingerprint.
You can ensure the privacy of your conversations by choosing the lock option after tapping the name of a one-to-one or group chat.
"Cybernews has confirmed a five-year-old Facebook glitch is sending automatic friend requests to the Facebook profiles you visit – leaving some online stalkers, er, we mean snoopers, quite embarrassed.
Whether it's your latest Hinge match, an old crush from high school, or even the new neighbors down the block, we've all done it. Social media snooping, that is.
Normally, when you snoop on someone’s social media profile, the person has no idea and will never find out.
"One of WordPress's most popular Elementor plugins, "Essential Addons for Elementor," was found to be vulnerable to an unauthenticated privilege escalation that could allow remote attacks to gain administrator rights on the site."
TLP1 : Green
