News
-
"Police Shutter 13,000 Sites in Piracy Crackdown"According to Europol, a wide-ranging effort to disrupt counterfeiting and online piracy across the EU resulted in the closure of 12,526 websites hosting illegal content. As of Cyber Monday, police disconnected 32 servers used to distribute the…
-
"Irish Data Protection Commission Fines Meta Over 2021 Data-Scraping Leak"The Irish Data Protection Commission (DPC) fined Meta $275.5 million for a data leak suffered by Facebook in 2021 that exposed the data of millions of Facebook users. Meta is also subject to a number of corrective measures imposed by the DPC. On April 3…
-
"Pre-auth RCE in Oracle Fusion Middleware Exploited in the Wild (CVE-2021-35587)"The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) has confirmed that a pre-authentication Remote Code Execution (RCE) flaw in Oracle Access Manager (OAM), tracked as CVE-2021-35587, which was fixed in January…
-
"Cyber-Threat Group Targets Critical RCE Vulnerability in 'Bleed You' Campaign"A campaign called "Bleed You" is attempting to exploit a known Remote Code Execution (RCE) vulnerability in Windows Internet Key Exchange (IKE) Protocol Extensions, and over 1,000 systems are unpatched and vulnerable. According to a new report from…
-
"Acer Fixes UEFI Bugs That Can Be Used to Disable Secure Boot"Acer has patched a critical vulnerability affecting several laptop models that could allow local attackers to disable Unified Extensible Firmware Interface (UEFI) Secure Boot on targeted systems. The Secure Boot security feature thwarts untrusted…
-
"Hackers Using Trending TikTok 'Invisible Challenge' to Spread Malware"According to new Checkmarx research, threat actors are exploiting a popular TikTok challenge to trick users into downloading information-stealing malware. The Invisible Challenge trend involves using a filter called Invisible Body, which only leaves a…
-
"SocGholish Finds Success Through Novel Email Techniques"Proofpoint researchers have revealed more technical details about SocGholish, the malware variant they discovered earlier in November, emphasizing its tactics that differ from traditional phishing campaigns. SocGholish deviates from the norm by doing…
-
"Cisco Identifies Vulnerabilities in Identity Services Engine"High-level vulnerabilities in Cisco Systems' network access control solution could allow an authenticated, remote attacker to inject arbitrary operating system commands, bypass security safeguards, and execute Cross-Site Scripting (XSS) attacks. Four of…
-
"What's Next in Cybersecurity"Hacking is an unavoidable constant in the cybersecurity industry, which is expected to spend $150 billion this year without actually being able to stop hackers. This year has seen Russian government hacks against Ukraine, an increase in ransomware…
-
"Google Releases Patch for Zero-Day Chrome Vulnerability"Google has started rolling out a patch for a critical security flaw affecting the desktop version of its Chrome browser. The vulnerability, tracked as CVE-2022-4135, impacts Chrome for Windows, Mac, and Linux. Google is aware of an exploit for the high-…
-
"FIFA World Cup Fans Warned Amid Rise of Cyber Attacks"Security experts have seen a sharp rise in the number of fake streaming website for the FIFA World Cup 2022 and other related scams. These sites are stealing user data and infecting users’ sites with downloaded malware. Some of the sites pull fans in by…
-
"India's AIIMS Hit by Outages After Cyberattack"The All India Institute of Medical Sciences (AIIMS), India's leading public medical institute, is experiencing outages due to a cyberattack. Hundreds of patients and doctors are affected by the outages, which include patient admission, discharge, and…