News
-
"Flipper Zero Can Be Used to Launch iOS Bluetooth Spam Attacks"The Flipper Zero portable wireless pen-testing and hacking tool can be used to spam Apple iOS devices, such as iPhones and iPads, with Bluetooth connection messages. A security researcher called 'Techryptic' developed the technique and posted a YouTube…
-
"Mirai Botnet Variant 'Pandora' Hijacks Android TVs for Cyberattacks"Pandora, a variant of the Mirai botnet, has been spotted infiltrating inexpensive Android-based TVs and TV boxes to use them as part of a botnet to launch Distributed Denial-of-Service (DDoS) attacks. According to Doctor Web, the compromises are likely…
-
"MacOS Malware Has a New Trick Up Its Sleeve"Malwarebytes researchers discovered that a newer version of the Atomic Stealer macOS malware has a new technique that enables it to evade the operating system's Gatekeeper. The malware, which was first advertised in April 2023, is an information stealer…
-
"IBM Discloses Data Breach Impacting Janssen Healthcare Platform"IBM recently notified customers and users of a Johnson & Johnson healthcare platform that their personal information may have been compromised as a result of a data breach. IBM explained that it provides services to Johnson & Johnson, which…
-
"UChicago Researchers Win Internet Defense Prize and Distinguished Paper Awards at USENIX Security"At this year's USENIX Security Symposium, faculty and students from the University of Chicago's (UChicago) Department of Computer Science won two Distinguished Paper Awards and the 2023 Internet Defense Prize. A team from Associate Professor Blase Ur's…
-
"How One State Pushes Cybersecurity to Local Agencies"Staff shortages and limited budgets have long troubled local governments and school districts trying to defend themselves against cyberattacks. In Arizona, the statewide information security and privacy office known as Cyber Command provides free cloud-…
-
"New Chaes Malware Variant Targets Banking and Logistics Industries"A new variant of the Chaes malware called Chae$4 targets the banking and logistics industries along with major content management platforms. According to researchers at Morphisec, Chae$4 has targeted customers of platforms and banks such as Mercado Libre…
-
"CISA Announces Secure by Design Pledge with K-12 Education Technology Providers"The US Cybersecurity and Infrastructure Security Agency (CISA) has announced a voluntary pledge for manufacturers of K-12 Education Technology software to design products with improved security. CISA has received commitments from six K-12 software…
-
"Chrome 116 Update Patches High-Severity Vulnerabilities"Google recently announced the release of a Chrome 116 update that patches four high-severity vulnerabilities reported by external researchers. Tracked as CVE-2023-4761, the first bug is described as an out-of-bounds memory access issue in the FedCM…
-
"Rogue Chrome Extensions Can Steal Passwords From Websites Such as Gmail, Amazon & Facebook"University of Wisconsin-Madison researchers have developed a Proof-of-Concept (PoC) Chrome extension that can steal plaintext passwords from the HTML source code of nearly any website. In a recently published paper, the researchers detailed how a…
-
"Android Zero-Day Patched With September 2023 Security Updates"Google recently announced that Android's September 2023 security updates contain patches for 32 vulnerabilities, including one that has been exploited in attacks. Tracked as CVE-2023-35674, the zero-day flaw is described as a high-severity…
-
"Thousands of Popular Websites Leaking Secrets"Security researchers at Truffle Security warn that thousands of the domains in the Alexa top 1 million websites list are leaking secrets, including credentials. The researchers noted that 4,500 of the analyzed websites exposed their .git directory…