Recently both Apple and Google have come under fire because of a setting that allows a person to reset the respective account for a phone once the phone is unlocked. When it comes to Android devices, you can use your unlock method
Category: Cybersecurity
What Data Do VPNs Need to Send to the Indian Government?
Crypto trades, cloud administrations, and VPN suppliers with tasks in India end up at a junction. Under the Indian government’s new CERT-in rules, VPNs and different information overseers will be expected to log client information, as well as store their
9-Year-Old Unpatched Email Hacking Bug Uncovered in Horde Webmail Software
Users of Horde Webmail are being urged to disable a feature to contain a nine-year-old unpatched security vulnerability in the software that could be abused to gain complete access to email accounts simply by previewing an attachment. “This gives the
New "SockDetour" Fileless, Socketless Backdoor Targets U.S. Defense Contractors
Cybersecurity researchers have taken the wraps off a previously undocumented and stealthy custom malware called SockDetour that targeted U.S.-based defense contractors with the goal of being used as a secondary implant on compromised Windows hosts. “SockDetour is a backdoor that
Iran's MuddyWater Hacker Group Using New Malware in Worldwide Cyber Attacks
Cybersecurity agencies from the U.K. and the U.S. have laid bare a new malware used by the Iranian government-sponsored advanced persistent threat (APT) group in attacks targeting government and commercial networks worldwide. “MuddyWater actors are positioned both to provide stolen
Notorious TrickBot Malware Gang Shuts Down its Botnet Infrastructure
The modular Windows crimeware platform known as TrickBot formally shuttered its infrastructure on Thursday after reports emerged of its imminent retirement amid a lull in its activity for almost two months, marking an end to one of the most persistent
Putin Warns Russian Critical Infrastructure to Brace for Potential Cyber Attacks
The Russian government on Thursday warned of cyber attacks aimed at domestic critical infrastructure operators, as the country’s full-blown invasion of Ukraine enters the second day. In addition to cautioning of the “threat of an increase in the intensity of
New Linux Privilege Escalation Flaw Uncovered in Snap Package Manager
Multiple security vulnerabilities have been disclosed in Canonical’s Snap software packaging and deployment system, the most critical of which can be exploited to escalate privilege to gain root privileges. Snaps are self-contained application packages that are designed to work on
New Flaws Discovered in Cisco's Network Operating System for Switches
Cisco has released software updates to address four security vulnerabilities in its software that could be weaponized by malicious actors to take control of affected systems. The most critical of the flaws is CVE-2022-20650 (CVSS score: 8.8), which relates to
Microsoft Warns of 'Ice Phishing' Threat on Web3 and Decentralized Networks
Microsoft has warned of emerging threats in the Web3 landscape, including “ice phishing” campaigns, as a surge in adoption of blockchain and DeFi technologies emphasizes the need to build security into the decentralized web while it’s still in its early
Critical Flaw Uncovered in WordPress Backup Plugin Used by Over 3 Million Sites
Patches have been issued to contain a “severe” security vulnerability in UpdraftPlus, a WordPress plugin with over three million installations, that can be weaponized to download the site’s private data using an account on the vulnerable sites. “All versions of
U.S. Cybersecurity Agency Publishes List of Free Security Tools and Services
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday published a repository of free tools and services to enable organizations to mitigate, detect, and respond effectively to malicious attacks and further improve their security posture. The “Free Cybersecurity Services
US, UK Agencies Warn of New Russian Botnet Built from Hacked Firewall Devices
Intelligence agencies in the U.K. and the U.S. disclosed details of a new botnet malware called Cyclops Blink that’s been attributed to the Russian-backed Sandworm hacking group and deployed in attacks dating back to 2019. “Cyclops Blink appears to be
From Pet Systems to Cattle Farm — What Happened to the Data Center?
There’s something about craftsmanship. It’s personal, its artistry, and it can be incredibly effective in achieving its goals. On the other hand, mass-market production can be effective in other ways, through speed, efficiency, and cost savings. The story of data
CISA Alerts on Actively Exploited Flaws in Zabbix Network Monitoring Platform
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of active exploitation of two security flaws impacting Zabbix open-source enterprise monitoring platform, adding them to its Known Exploited Vulnerabilities Catalog. On top of that, CISA is also recommending that