New Android Malware CherryBlos Utilizing OCR to Steal Sensitive Data
A new Android malware strain called CherryBlos has been observed making use of optical character recognition (OCR) techniques to gather sensitive data stored in pictures
Theft in cybersecurity covers stolen data, credentials, devices, and funds, often creating risks of unauthorized access, fraud, and privacy loss.
Search across headline titles and summaries.
Background for this topic.
Unauthorized taking or copying of information, credentials, intellectual property, or digital assets is cyber theft. News under this tag may involve stolen passwords, payment data, personal information, source code, cloud tokens, cryptocurrency, or sensitive business files. Theft can result from phishing, malware, compromised accounts, insider access, exposed storage, or the loss of an unencrypted device; the relevant issue is the unauthorized acquisition or control of an asset, whether or not the attacker also alters systems.
Security teams should identify where valuable data and credentials are stored, restrict access by role, require strong authentication, encrypt data at rest and in transit, and monitor unusual downloads or transfers. Vulnerability management matters when flaws expose databases, endpoints, or cloud services to unauthorized retrieval. After suspected theft, preserving logs, revoking tokens and credentials, determining what was accessed or copied, and assessing privacy or notification obligations are central to containing the incident and measuring its impact.
A new Android malware strain called CherryBlos has been observed making use of optical character recognition (OCR) techniques to gather sensitive data stored in pictures
IDORs of the storm Personal, financial, and health information belonging to millions of folks has been stolen via a particular class of website vulnerability, say cybersecurity agencies in the US and Australia. They're urging developers to review their code and squish these bugs for good.…
NATO asserts that their cyber experts continue to look into the claims and that its classified networks remain secure.
Two new Android malware families named 'CherryBlos' and 'FakeTrade' were discovered on Google Play, aiming to steal cryptocurrency credentials and funds or conduct scams. [...]
The Hawaiʻi Community College has admitted that it paid a ransom to ransomware actors to prevent the leaking of stolen data of approximately 28,000 people. [...]
Site was used to trade stolen data
Cybersecurity agencies in Australia and the U.S. have published a joint cybersecurity advisory warning against security flaws in web applications that could be exploited by malicious actors to orchestrate data breach incidents and steal confidential data
'Gay furry hackers' say it's in response to 'attacks on human rights' and noooothing to do with Russia-Ukraine NATO is investigating claims by miscreants that they broke into the military alliance's unclassified information-sharing and collaboration IT environment, stole information belonging to 31 nations, and leaked 845 MB of compressed data.…
Estonian crypto-payments service provider CoinsPaid has announced that it experienced a cyber attack on July 22nd, 2023, that resulted in the theft of $37,200,000 worth of cryptocurrency. [...]
Popular WordPress form-building plugin Ninja Forms contains three vulnerabilities that could allow attackers to achieve privilege escalation and steal user data. [...]
U.S. government services contractor Maximus has disclosed a data breach warning that hackers stole the personal data of 8 to 11 million people during the recent MOVEit Transfer data-theft attacks. [...]
NATO has confirmed that its IT team is investigating claims about an alleged data-theft hack on the Communities of Interest (COI) Cooperation Portal by a hacking group known as SiegedSec. [...]
A new study conducted by Uptycs has uncovered a stark increase in the distribution of information stealing (a.k.a. infostealer or stealer) malware. Incidents have more than doubled in Q1 2023, indicating an alarming trend that threatens global organizations
Tax-paying individuals in Mexico and Chile have been targeted by a Mexico-based cybercrime group that goes by the name Fenix to breach targeted networks and steal valuable data
A new malware family called Realst has become the latest to target Apple macOS systems, with a third of the samples already designed to infect macOS 14 Sonoma, the upcoming major release of the operating system
A new Mac malware named "Realst" is being used in a massive campaign targeting Apple computers, with some of its latest variants including support for macOS 14 Sonoma, which is still in development. [...]
The analysis of nearly 20 million information-stealing malware logs sold on the dark web and Telegram channels revealed that they had achieved significant infiltration into business environments. [...]
SOCRAdar and Falcon Feeds reported that the threat actor allegedly started selling the dataset
Google's security researcher Tavis Ormandy discovered a new vulnerability impacting AMD Zen2 CPUs that could allow a malicious actor to steal sensitive data, such as passwords and encryption keys, at a rate of 30KB/sec from each CPU core. [...]
Zen 2 flaw more simple than Spectre, exploit code already out there – get patching when you can AMD has started issuing some patches for its processors affected by a serious silicon-level bug dubbed Zenbleed that can be exploited by rogue users and malware to steal passwords, cryptographic keys, and other secrets from software running on a vulnerable system.…