News
-
"Samsung Smartphone Users Warned of Actively Exploited Vulnerability"The US Cybersecurity and Infrastructure Security Agency (CISA) recently warned Samsung smartphone users about a recently patched vulnerability being exploited in attacks. The flaw is CVE-2023-21492, described as a kernel pointer exposure issue…
-
"Coventry University Researchers Shocked by Excessive Data Harvesting by Apps"Researchers at Coventry University are helping people protect their privacy after finding excessive data collection by websites and apps. Citizen Scientists Investigating Cookies and App General Data Protection Regulation (GDPR) compliance (CSI-COP) is…
-
"PyPI Repository Under Attack: User Sign-Ups and Package Uploads Temporarily Halted"The maintainers of Python Package Index (PyPI), the official third-party software repository for the Python programming language, have disabled, until further notice, the ability for users to register and upload new packages. The volume of malicious…
-
"Android Phones Are Vulnerable to Fingerprint Brute-Force Attacks"A team of researchers from Tencent Labs and Zhejiang University has presented a new attack dubbed 'BrutePrint,' which brute-forces fingerprints on modern smartphones to circumvent user authentication and seize control of the device. Performing brute-…
-
"Malicious Links and Misaddressed Emails Slip Past Security Controls"According to Armorblox, most organizations use six or more communication tools across channels, with email remaining the most vulnerable channel to attacks (38 percent). Multiple-channel attacks are picking up momentum and gaining frequency, according to…
-
"3 Common Initial Attack Vectors Account for Most Ransomware Campaigns"Most ransomware attackers use one of three primary vectors to infiltrate networks and gain access to organizations' critical systems and data. According to researchers, the most significant vector for successful ransomware attacks in 2022 was the…
-
"Ask the Expert: How New Research Can Help Protect Private Data"As an associate professor in the Department of Computer Science and Engineering at Michigan State University, Dr. Borzoo Bonakdarpour works to prevent the exposure of private information. Well-publicized instances of individuals being hacked due to…
-
"Tech Mandated by Online Safety Bill 'Could Turn Phones Into Surveillance Tools'"According to new research from Imperial College London, the technology mandated by the UK's Online Safety Bill could be used to transform millions of phones into facial recognition tools. Client-Side Scanning (CSS) was examined in regard to its potential…
-
"NATO Member Websites Targeted by Pro-Russian Hackers"The pro-Russian hacking group UserSec has announced the start of a new cyber campaign targeting and defacing the websites of North Atlantic Treaty Organization (NATO) member countries. On their official UserSec Telegram channel, the group posted an…
-
"Congress Looks to Expand CISA’s Role, Adding Responsibilities For Satellites And Open Source Software"Lawmakers recently passed a series of bills to give the Cybersecurity and Infrastructure Security Agency (CISA) new responsibilities when it comes to safeguarding open source software, protecting U.S. critical infrastructure, and expanding the…
-
"KeePass 2.X Master Password Dumper Allows Retrieving the KeePass Master Password"KeePass 2.X Master Password Dumper is a proof-of-concept (PoC) tool developed by the security researcher Vdohney that retrieves the master password for KeePass. The tool exploits the unpatched vulnerability in KeePass, tracked as CVE-2023-32784, to…