Ernestas Naprys

Lithuania

Senior Journalist at CyberNews

Featured in: Favicon

cybernews.com Favicon

delfi.lt

15min.lt

delfi.ee

newsbeezer.com Favicon

epl.delfi.ee

Articles

France estimates GDPR’s cyber benefits to be worth 1 billion euros, or one Meta fine

1 day ago | cybernews.com | Ernestas Naprys

The French cyber watchdog has analyzed GDPR’s cybersecurity benefits and found them to be between 585 million and 1.4 billion euros at the EU level, in five years. The sum is comparable to a single 1.2 billion euro fine issued to Meta for GDPR violations.
BadBox botnet grows to millions of Android devices participating in cybercrime, FBI warns

1 day ago | cybernews.com | Ernestas Naprys

Despite multiple take-down attempts, millions of consumer Android devices are running BadBox 2.0 malware, which comes preinstalled on cheap off-brand devices produced in China. The FBI wants you to check your gadgets for any suspicious activity. Cybercriminals can now hide behind millions of compromised Android devices when hacking unsuspecting victims.
Carding site BidenCash loses domains, cash, and face: feds seized the operation

2 days ago | cybernews.com | Ernestas Naprys

BidenCash, a dark web carding market responsible for trafficking over 15 million payment card numbers and other sensitive information, has suffered a major blow from authorities. Approximately 145 domains linked to the platform have been seized. US authorities seized 145 darknet and traditional internet domains, as well as cryptocurrency funds associated with the BidenCash marketplace, according to an announcement by the US Attorney’s Office for the Eastern District of Virginia.
Ukraine claims major hack on Russian aviation giant Tupolev

2 days ago | cybernews.com | Ernestas Naprys

Ukraine’s Main Intelligence Directorate (HUR) claims it carried out a successful cyberattack on Tupolev, a leading Russian company developing strategic bombers for the military. The cyber corps of Ukraine’s Military Intelligence reportedly obtained 4.4GB of secret data. Hackers also defaced the website of Tupolev with an image of an owl holding a Russian bomber in its claws.
Simple script turns Chrome into spyware, taking screenshots and recording video

3 days ago | cybernews.com | Ernestas Naprys

Hackers can abuse Google Chrome and other Chromium browsers to continuously take screenshots, spy through the camera, and record microphone audio. Hackers don’t need sophisticated malware to spy on their victims – they can use browsers instead. Security researcher mr.d0x disclosed several techniques that rely on specific Chromium browser command-line flags. Attackers can abuse them to spy on users once they gain access to the system.
Facebook, Yandex apps see everything Android users browse in Incognito mode

3 days ago | cybernews.com | Ernestas Naprys

Security researchers have unveiled a novel tracking method used by Meta and Yandex that effectively de-anonymizes billions of Android users when they browse the web, even using Incognito mode. The tech giants’ apps secretly listen for data from websites through “localhost” connections.
Beware of fake Booking.com pages used to spread malware

4 days ago | cybernews.com | Ernestas Naprys

In a new campaign, cybercriminals disseminate malicious links on gaming sites and social media and even buy sponsored ads on search engines to trick users into opening fraudulent websites impersonating Booking.com. Malwarebytes Labs is warning about users getting infected with AsyncRat, a backdoor remote access trojan (RAT) designed to monitor and control computers and gather sensitive and financial information, leading to financial damages and even identity theft.
These Androids come preloaded with apps that are very easy to hack

4 days ago | cybernews.com | Ernestas Naprys

Ulefone and Krüger&Matz smartphones are sold preloaded with apps that attackers can abuse to factory reset the devices, steal PIN codes, and even gain some system-level access, according to CERT Polska’s disclosure. Polish computer emergency response team CERT Polska has warned about three severe vulnerabilities in preloaded apps on Ulefone and Krüger&Matz smartphones. The two brands primarily target budget-conscious consumers.
Hackers can make your Sonos Era 300 sing unwanted tunes: severe vulnerability discovered

5 days ago | cybernews.com | Ernestas Naprys

Sonos Era 300 smart speakers contain a severe flaw that enables unauthenticated hackers to take complete control of the device and run arbitrary code, Trend Micro’s Zero Day Initiative (ZDI) researchers warn. If attackers gain access to the network, they can run code on Sonos Era 300 speakers. ZDI disclosed the vulnerability with a severity rating of 8.8 out of 10. “This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sonos Era 300 speakers.
Chrome tightens extension security: introduces a separate toggle for User Scripts permission

1 week ago | cybernews.com | Ernestas Naprys

Google has announced a significant change in how Chrome extensions gain permission to use the User Scripts API, which allows injecting custom JavaScript code on web pages. This will be the first permission that users need to enable individually for each extension. With Chrome 138, users will have to individually enable a switch called “Allow User Scripts” for each extension that uses the chrome.userScripts API.