article thumbnail

Taiwan flags security risks in popular Chinese apps after official probe

Security Affairs

Taiwan warns Chinese apps like TikTok and WeChat pose security risks due to excessive data collection and data transfers to China. “The results indicate the existence of security issues, including excessive data collection and privacy infringement. ” reads the NSB’s announcement. Using the v4.0

article thumbnail

Lumma/Amadey: fake CAPTCHAs want to know if you’re human

SecureList

Inside this content is an obfuscated PowerShell script that ultimately downloads the malicious payload. Payload: Lumma stealer Initially, the malicious PowerShell script downloaded and executed an archive with the Lumma stealer. One of the modules can also take screenshots.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Cloud Atlas seen using a new tool in its attacks

SecureList

Victims get infected via phishing emails containing a malicious document that exploits a vulnerability in the formula editor ( CVE-2018-0802 ) to download and execute malware code. It contains a formula editor exploit that downloads and runs an HTML Application (HTA) file hosted on the same C2 server.

article thumbnail

IT threat evolution Q3 2024

SecureList

CloudSorcerer is a sophisticated cyber-espionage tool used for stealth monitoring, data collection and exfiltration via Microsoft, Yandex and Dropbox cloud infrastructures. The malware, which received commands via the Dropbox cloud service, was used to download additional payloads.

article thumbnail

Monetization Monitor: Software Usage Analytics 2020

Efficient usage data collection and analytics can open up significant possibilities for suppliers. Top findings include: Growing Interest in Usage Data. 60% collect usage data; a total of more than 75% will do so in the next two years. Benefits & Challenges of Data Collection.

article thumbnail

Crooks target DeepSeek users with fake sponsored Google ads to deliver malware

Security Affairs

Clicking the download button delivers an MSIL-based Trojan, detected as Malware.AI.1323738514. In January, Italys Data Protection Authority Garante asked the AI firm DeepSeek to clarify its data collection, sources, purposes, legal basis, and storage, citing potential risks to user data. 1323738514.

article thumbnail

Italy’s Data Protection Authority Garante requested information from Deepseek

Security Affairs

Italys data privacy regulator Garante has requested information from Chinese AI company DeepSeek regarding its data practices. Italys Data Protection Authority Garante has asked the AI firm DeepSeek to clarify its data collection, sources, purposes, legal basis, and storage, citing potential risks to user data.