News & Updates

Samsung Devices Under Active Exploitation! CISA Warns of Critical Flaw

/
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned of active exploitation of a medium-severity flaw affecting Samsung devices.
The issue, tracked as CVE-2023-21492 (CVSS score: 4.4), impacts select Samsung devices running Android versions 11, 12, and 13.
The South Korean electronics giant described the issue as an information disclosure flaw that could be exploited by a
Cybersecurity Tools

Healthcare attacks are increasing: Why zero trust will prevent care disruptions

/

By Itai Greenberg, Chief Strategy Officer, Check Point. EXECUTIVE SUMMARY: Healthcare cyber attacks are on the rise. Zero trust is a security model that operates on the principle of ‘never trust, always verify’, and it’s an approach that should be taken to secure against healthcare cyber attacks. The 7 pillars of zero trust can be […]

The post Healthcare attacks are increasing: Why zero trust will prevent care disruptions appeared first on CyberTalk.

Cybersecurity Tools

What is business identity theft and how can you prevent it?

/

EXECUTIVE SUMMARY: In the way that the identity of a person can be stolen, the identity of a business can also be subject to theft. Once a business identity theft scheme is uncovered, a business must allocate time and resources to resolving the situation. It’s critical to implement preventative security mechanisms and controls in order […]

The post What is business identity theft and how can you prevent it? appeared first on CyberTalk.

News & Updates

Legitimate looking npm packages found hosting TurkoRat infostealer

/

Despite efforts taken in recent years to proactively monitor public software repositories for malicious code, packages that bundle malware continue to routinely pop up in such places. Researchers recently identified two legitimate looking packages that remained undetected for over two months and deployed an open-source information stealing trojan called TurkoRat.

Effective use of typosquatting on malicious npm packages

Attackers attempt to trick users into downloading malicious packages in several ways, and typosquatting is one of the most popular because it doesn’t take a lot of effort. This technique involves copying a legitimate package, adding malicious code to it and publishing it with a different name that’s a variation of the original in the hope that users will find it when searching for the real package.

To read this article in full, please click here

Scroll to Top