News
-
"Android 'Always-on VPN' Reportedly Leaks Some Data — Does it Include IP Addresses?"Mullvad VPN discovered that Android leaks traffic whenever the device connects to a Wi-Fi network, even when the "Block connections without VPN" or "Always-on VPN" features are enabled. Source IP addresses, DNS lookups, HTTPS traffic, and possibly NTP…
-
"Microsoft Addresses Zero-Days, but Exchange Server Exploit Chain Remains Unpatched"Microsoft addressed a critical security vulnerability in its Azure cloud service in its October Patch Tuesday update, which earned a rare 10-out-of-10 rating on the CVSS vulnerability-severity scale. The company also patched two "important" zero-day bugs…
-
"Patch Tuesday: Critical Flaws in ColdFusion, Adobe Commerce"Adobe recently released security patches for 29 documented vulnerabilities across multiple enterprise-facing products and warned that hackers could exploit these bugs to take complete control of vulnerable machines. Adobe warned the vulnerabilities…
-
"LockBit Affiliates Compromise Microsoft Exchange Servers to Deploy Ransomware"According to the South Korean cybersecurity firm AhnLab, LockBit ransomware affiliates are distributing their malware through compromised Microsoft Exchange servers. LockBit 3.0 ransomware infected two servers operated by the security firm's customer in…
-
"Google Forms Abused in New COVID-19 Phishing Wave in the US"COVID-19-themed phishing messages are on the rise in the US. According to a report shared by email security company INKY, malspam volumes more than doubled in September compared to the previous three months and are expected to rise even further. In the…
-
"Critical Bug in Siemens SIMATIC PLCs Could Let Attackers Steal Cryptographic Keys"A flaw in the Siemens SIMATIC Programmable Logic Controller (PLC) can be used to retrieve the hard-coded, global private cryptographic keys and seize control over the devices. According to industrial cybersecurity firm Claroty, an attacker can use these…
-
"White House is Planning to Develop IoT Device Cyber Labeling Program"The White House plans to develop a product labeling system to inform customers about the security risks that connected devices pose. In an October 11 fact sheet, the White House announced plans to hold a conference with interested parties to discuss a…
-
"Protecting Identities of Panelists in Market Research"According to a study conducted by researchers at Cornell SC Johnson College of Business, it is highly likely that the identity and other sensitive information of a survey participant can be traced back to the individual. When organizations release or…
-
"How Dark Patterns Manipulate Internet Users Every Day"According to Dr. Arianna Rossi, a research scientist in the Socio-technical Cybersecurity (IRiSC) research group at the University of Luxembourg's Interdisciplinary Centre for Security, Reliability, and Trust (SnT), the concept of dark patterns extends…
-
"New Method Makes Digital Services Safer for the User"Services are increasingly becoming digital as many people now do their banking, grocery shopping, and ticket booking online. Many people rely entirely on digital services in their personal and professional lives. As a result of societal digitization,…
-
"Bolstering 5G Security for Ultra-Sensitive Applications"A new National Science Foundation (NSF)-funded project led by University of Michigan-Dearborn's Junaid Farooq, assistant professor of Electrical and Computer Engineering, may allow the military to use commercial 5G networks without fear of being…
-
"AT&T Rolls Out New Cybersecurity Feature to Safeguard Text Messages"AT&T has recently rolled out a new cybersecurity feature to safeguard text messages. Researchers at AT&T stated that for the first time, cyber scammers have started to use text messages more than phone calls to entrap fraud victims. …