New Flaw in Acer Laptops Could Let Attackers Disable Secure Boot ProtectionAcer has released a firmware update to address a security vulnerability that could be potentially...
Day: December 5, 2022
3 New Vulnerabilities Affect OT Products from German Companies Festo and CODESYS
3 New Vulnerabilities Affect OT Products from German Companies Festo and CODESYSResearchers have disclosed details of three new security vulnerabilities affecting operational technology (OT) products from...
Chinese Cyber Espionage Hackers Using USB Devices to Target Entities in Philippines
Chinese Cyber Espionage Hackers Using USB Devices to Target Entities in PhilippinesA threat actor with a suspected China nexus has been linked to a set of...
Australia Passes Bill to Fine Companies up to $50 Million for Data Breaches
Australia Passes Bill to Fine Companies up to $50 Million for Data BreachesThe Australian government has passed a bill that markedly increases the penalty for companies...
This Malicious App Abused Hacked Devices to Create Fake Accounts on Multiple Platforms
This Malicious App Abused Hacked Devices to Create Fake Accounts on Multiple PlatformsA malicious Android SMS application discovered on the Google Play Store has been found...
French Electricity Provider Fined for Storing Users’ Passwords with Weak MD5 Algorithm
French Electricity Provider Fined for Storing Users’ Passwords with Weak MD5 AlgorithmThe French data protection watchdog on Tuesday fined electricity provider Électricité de France (EDF) €600,000 for...
Researchers Find a Way Malicious NPM Libraries Can Evade Vulnerability Detection
Researchers Find a Way Malicious NPM Libraries Can Evade Vulnerability DetectionNew findings from cybersecurity firm JFrog show that malware targeting the npm ecosystem can evade security...
North Korea Hackers Using New “Dolphin” Backdoor to Spy on South Korean Targets
North Korea Hackers Using New "Dolphin" Backdoor to Spy on South Korean TargetsThe North Korea-linked ScarCruft group has been attributed to a previously undocumented backdoor called Dolphin that...
Researchers ‘Accidentally’ Crash KmsdBot Cryptocurrency Mining Botnet Network
Researchers 'Accidentally’ Crash KmsdBot Cryptocurrency Mining Botnet NetworkAn ongoing analysis into an up-and-coming cryptocurrency mining botnet known as KmsdBot has led to it being accidentally taken down. KmsdBot,...
LastPass Suffers Another Security Breach; Exposed Some Customers Information
LastPass Suffers Another Security Breach; Exposed Some Customers InformationPopular password management service LastPass said it's investigating a second security incident that involved attackers accessing some of...
Schoolyard Bully Trojan Apps Stole Facebook Credentials from Over 300,000 Android Users
Schoolyard Bully Trojan Apps Stole Facebook Credentials from Over 300,000 Android UsersMore than 300,000 users across 71 countries have been victimized by a new Android threat...
Researchers Disclose Critical RCE Vulnerability Affecting Quarkus Java Framework
Researchers Disclose Critical RCE Vulnerability Affecting Quarkus Java FrameworkA critical security vulnerability has been disclosed in the Quarkus Java framework that could be potentially exploited to...
Hackers Leak Another Set of Medibank Customer Data on the Dark Web
Hackers Leak Another Set of Medibank Customer Data on the Dark WebMedibank on Thursday confirmed that the threat actors behind the devastating cyber attack have posted another dump...
Ransomware attack forces top Indian medical institute into manual mode
Ransomware attack forces top Indian medical institute into manual modeThe All India Institute of Medical Sciences (AIIMS), New Delhi, one of India’s top medical institutes, has...
What Developers Need to Fight the Battle Against Common Vulnerabilities
What Developers Need to Fight the Battle Against Common VulnerabilitiesToday's threat landscape is constantly evolving, and now more than ever, organizations and businesses in every sector...
Cybercriminals are increasingly using info-stealing malware to target victims
Cybercriminals are increasingly using info-stealing malware to target victimsCybercriminals are increasingly shifting from automated scam-as-a-service to more advanced info-stealing malware distributors as the competition for resources...
Cuba Ransomware Extorted Over $60 Million in Ransom Fees from More than 100 Entities
Cuba Ransomware Extorted Over $60 Million in Ransom Fees from More than 100 EntitiesThe threat actors behind Cuba (aka COLDDRAW) ransomware have received more than $60...
Google Accuses Spanish Spyware Vendor of Exploiting Chrome, Firefox, & Windows Zero-Days
Google Accuses Spanish Spyware Vendor of Exploiting Chrome, Firefox, & Windows Zero-DaysA Barcelona-based surveillanceware vendor named Variston IT is said to have surreptitiously planted spyware on...
Top 7 CIAM tools
Top 7 CIAM toolsCustomer identity and access management (CIAM), a subset of identity access management (IAM), is used to manage authentication and authorization of account creation...
Watch Out! These Android Keyboard Apps With 2 Million Installs Can be Hacked Remotely
Watch Out! These Android Keyboard Apps With 2 Million Installs Can be Hacked RemotelyMultiple unpatched vulnerabilities have been discovered in three Android apps that allow a...
Hackers Exploiting Redis Vulnerability to Deploy New Redigo Malware on Servers
Hackers Exploiting Redis Vulnerability to Deploy New Redigo Malware on ServersA previously undocumented Go-based malware is targeting Redis servers with the goal of taking control of...
Here is why you should have Cobalt Strike detection in place
Here is why you should have Cobalt Strike detection in placeGoogle recently released a list of YARA detection rules for malicious variants of the legitimate Cobalt...
What the CISA Reporting Rule Means for Your IT Security Protocol
What the CISA Reporting Rule Means for Your IT Security ProtocolThe new Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) requires CISA to create rules regarding...
500 million WhatsApp mobile numbers up for sale on the dark web
500 million WhatsApp mobile numbers up for sale on the dark webA database of 487 million WhatsApp users’ mobile numbers has been put up for sale...
Meta Received A $275 Million Fine Following the 2021 Massive Data Leak
Meta Received A $275 Million Fine Following the 2021 Massive Data LeakThe investigation into the 2021 massive Facebook data breach resulted in a $275.5 Million fine...
EU Council adopts NIS2 directive to harmonize cybersecurity across member states
EU Council adopts NIS2 directive to harmonize cybersecurity across member statesThe Council of the European Union (EU) has adopted a new cybersecurity directive designed to improve...
The Value of Old Systems
The Value of Old SystemsOld technology solutions – every organization has a few of them tucked away somewhere. It could be an old and unsupported storage...
Google warns about commercial Heliconia spyware hitting Chrome, Firefox and Microsoft Defender
Google warns about commercial Heliconia spyware hitting Chrome, Firefox and Microsoft DefenderMeanwhile NSO faces new lawsuit over Pegasus flying onto journalists' phones Google's Threat Analysis Group...
Researchers Disclose Supply-Chain Flaw Affecting IBM Cloud Databases for PostgreSQL
Researchers Disclose Supply-Chain Flaw Affecting IBM Cloud Databases for PostgreSQLIBM has fixed a high-severity security vulnerability affecting its Cloud Databases (ICD) for PostgreSQL product that could...
Nvidia patches 29 GPU driver bugs that could lead to code execution, device takeover
Nvidia patches 29 GPU driver bugs that could lead to code execution, device takeoverTake a break from the gaming and fix these now Nvidia fixed more...