A new malware named Banshee, developed by Russian hackers, is targeting macOS users by compromising browser extensions. Banshee poses a significant threat by stealing sensitive data such as passwords, cryptocurrency, and personal information. The malware affects a wide range of web browsers, including Safari, Chrome, and Firefox, and can infiltrate various crypto wallets.
Banshee is being sold on the dark web for as little as $3,000, making it an accessible tool for cybercriminals. Researchers at Elastic Security Labs identified that Banshee operates on both x86_64 and ARM64 macOS systems. Once the malware infiltrates a system, it begins harvesting data from the Mac’s Keychain, desktop, and documents, with the ability to evade detection.
Infection methods likely involve deceptive tactics, such as fake pop-ups mimicking legitimate updates or urgent notifications. Despite the growing concerns, the full extent of Banshee’s spread and impact remains unclear. Apple’s security infrastructure, while robust, has been exploited through browser extensions, underscoring the need for vigilance.
To protect against such threats, Mac users should limit browser extensions, be cautious with downloads, keep software updated, and use strong, unique passwords. These practices, while not foolproof, significantly reduce the risk of falling victim to malware like Banshee.
Schlatter Industries, a Swiss engineering firm, has restored its computer network after a cyberattack disrupted operations for nearly two weeks. The company announced that the attack on 9 August involved malware and an extortion attempt. However, details regarding the breach, including whether any data was compromised, remain undisclosed.
While Schlatter has not quantified the financial repercussions of the attack, the company previously warned that its full-year results are expected to fall significantly compared to last year. This decline is attributed not only to the cyberattack but also to a decrease in orders and delays in commissioning projects within its welding division. The company continues to investigate the incident and assess its impact.
The EU is facing a significant divide among its member states regarding the regulation of high-risk telecom suppliers, particularly Huawei and ZTE, in the context of 5G network infrastructure. Eleven of the 27 EU countries have enacted legal measures to restrict these suppliers following the European Commission’s adoption of the 5G Cybersecurity Toolbox in 2020.
This divide reflects varying levels of concern about national security, economic interests, and diplomatic relations. Scepticism surrounding Huawei and ZTE intensified in 2018 when numerous countries, including the US and Japan, began excluding these companies from public tenders due to allegations of espionage and their ties to the Chinese government.
Sweden was among the first EU nations to ban Huawei, mandating the removal of its equipment from 5G networks by 1 January 2025. Despite Huawei’s denials of wrongdoing, distrust persists within the EU. Responses to these security concerns vary significantly. Germany has announced that components from Huawei and ZTE must be removed from its 5G core networks by the end of 2026, aligning with its National Security Strategy.
In contrast, Italy has taken a more cautious approach, evaluating cases involving Huawei individually. Despite signing a 5G security declaration with the US, Slovenia rejected a bill to exclude high-risk manufacturers, indicating a more lenient stance.
NATO’s initiative to enhance global internet resilience through satellite communications has made significant strides since its launch on 31 July 2024. With a $2.5 million investment from NATO’s Science for Peace and Security (SPS) programme, the project aims to create a hybrid network that can reroute data during emergencies when undersea cables are compromised.
Collaborating with prestigious institutions like Cornell University and Johns Hopkins University, the consortium known as HEIST is focused on developing a working prototype within the next two years, with a demonstration planned at the Blekinge Institute of Technology in Sweden.
The initiative seeks to bolster internet security by integrating satellite and submarine cable technologies and addresses the complex legal challenges associated with international telecommunications. By promoting collaboration among NATO Allies and partners, this project represents a proactive approach to safeguarding critical infrastructure and ensuring the stability of global communications in an increasingly digital landscape.
A massive data breach has resulted in the exposure of over 2.7 billion records from National Public Data (NPD), now available on a criminal forum. The leaked data includes sensitive information such as names, mailing addresses, and Social Security numbers. Although the exact accuracy of the records is unclear, the breach is substantial, potentially affecting a significant portion of the US population.
The stolen database was posted on Breachforums, a site known for distributing such leaks, and was made available for free download. NPD, which compiles and sells personal data from public sources, is facing multiple lawsuits for failing to protect this information. The breach highlights ongoing issues with data security, as this is not the first time NPD’s data has been compromised.
In response to the data breach, there are increased calls for improved data protection measures and identity theft protection. Affected individuals are advised to monitor their accounts and be cautious of phishing attempts. This incident underscores the need for stronger encryption and security practices to safeguard personal data.
NPD has not yet responded to requests for comment. The breach raises serious concerns about the company’s data management practices and its responsibility to protect the information it collects.
The Pakistan Software Houses Association (P@SHA) has warned that Pakistan’s new internet firewall could cost the economy up to $300 million. The firewall, designed to monitor and regulate online content, has already led to significant disruptions including prolonged internet outages and unstable VPN performance, threatening business operations across the country. P@SHA describes these issues as a severe blow to the industry’s viability.
The government, which denies using the firewall for censorship, has faced criticism for its lack of transparency. This has sparked fears among internet users and international IT clients about data privacy and security. The firewall’s impact on the economy is exacerbated by existing restrictions, such as the blocking of the social media platform X.
P@SHA has called for an immediate halt to the firewall, urging the government to collaborate with the industry to establish a robust cybersecurity framework. Pakistan’s IT sector, which recorded a significant increase in exports this year, stands to suffer considerable losses if the disruptions continue.
California is set to vote on SB 1047, a bill designed to prevent catastrophic harm from AI systems. The bill targets large AI models—those costing over $100 million to train and using immense computing power—requiring their developers to implement strict safety protocols. These include emergency shut-off mechanisms and third-party audits. The Frontier Model Division (FMD) will oversee compliance and enforce penalties for violations.
Supporters of the bill, including State Senator Scott Wiener and prominent AI researchers, contend that preemptive regulation is essential to safeguard against potential AI disasters. They believe it’s crucial to establish regulations before serious incidents occur. The bill is expected to be approved by the Senate and is now awaiting a decision from Governor Gavin Newsom.
If passed, SB 1047 would not take effect immediately, with the FMD scheduled to be established by 2026. The bill is anticipated to face legal challenges from various stakeholders who are concerned about its implications for the tech industry.
Two US lawmakers have called on the Biden administration to investigate Chinese company TP-Link Technology Co. over concerns that its WiFi routers could pose a national security risk. The request was made in a letter to the Commerce Department, highlighting the potential for cyber attacks using vulnerabilities in TP-Link firmware. The company, a global leader in WiFi router sales, has not yet responded to the inquiry.
Concerns were raised after reports surfaced that TP-Link routers were exploited in cyber attacks targeting government officials in Europe. The lawmakers expressed fears that similar attacks could be carried out against US infrastructure. They have urged the Commerce Department to assess the threat posed by Chinese-affiliated routers, particularly TP-Link’s, given its market dominance.
TP-Link, founded in China in 1996, has been linked to cybersecurity concerns before. Last year, the US Cybersecurity and Infrastructure Agency flagged vulnerabilities in the company’s routers that could be used for remote attacks. Around the same time, a Chinese state-sponsored hacking group was found to have targeted European officials using malicious implants in TP-Link routers.
The Commerce Department has the authority to impose bans or restrictions on technology transactions with companies from nations considered adversarial to US interests, including China. The investigation could lead to new measures aimed at preventing potential security risks from Chinese-made equipment in critical US infrastructure.
Hackers connected to Russian intelligence have been targeting Kremlin critics worldwide through phishing emails, as revealed by research from Citizen Lab and Access Now. The cyberattacks, which began in 2022, have affected Russian opposition figures in exile, former US officials, and EU non-profits, among others. These attacks are part of a broader internet espionage operation aimed at accessing sensitive networks and contacts.
A key feature of the campaign is the use of malicious emails that appear to come from known contacts, making them particularly deceptive. Victims include a former US ambassador to Ukraine, who received an email impersonating a colleague. Many of those targeted fell for the scam, which led them to fake login pages designed to steal their credentials.
The hacking groups behind the attacks, identified as Cold River and Coldwastrel, have been linked to Russia’s Federal Security Service (FSB). Cold River, known for its prolific activity since 2016, has intensified its efforts against Kyiv’s allies since the invasion of Ukraine. Some of its members have faced sanctions from the US and Britain.
Citizen Lab warns that the consequences of these cyberattacks could be severe, particularly for those still in Russia, where successful breaches could lead to imprisonment. Despite the serious implications, the Russian embassy has not commented on the allegations, continuing to deny involvement in previous hacking incidents.
GitHub, a major platform for developers and code repositories, experienced a significant outage on Wednesday, affecting its website and multiple services. The issues were linked to changes in the platform’s database infrastructure, which have since been rolled back. As of 8:26PM ET, GitHub confirmed that all services are now fully operational.
Earlier, many users encountered an error message when trying to access the site, which stated, ‘no server is currently available to service your request.’ Alongside this message, users were greeted by an image of an angry unicorn. The outage impacted core services, including pull requests, GitHub Pages, Copilot, and the GitHub API.
The outage escalated quickly, with GitHub’s first status message at 7:11PM ET, followed by reports of issues with several key services. According to Downdetector, more than 10,000 users reported problems within minutes of the first alert. International outages were confirmed by internet monitoring service NetBlocks just two minutes later.
GitHub, which was acquired by Microsoft in 2018, has not yet provided a detailed comment on the incident. However, services have now returned to normal, and the platform continues to monitor its systems for any lingering issues.