Sunday, October 17, 2021

Malware and Vulnerabilities

Backdoor accounts found in More than 100,000 Zyxel firewalls, VPN gateways

Dutch cybersecurity researchers have discovered a backdoor account in 100,000 networking devices manufactured by Zyxel, which may grant hackers accessibility to all those vulnerable devices and put data at risk.The password and username (zyfwp/PrOw! AN_fXp) was observable in one...

Chrome and Microsoft Edge Malicious extensions hit 30 lakh Users

Threat Intelligence researchers from cybersecurity firm Avast have identified malware hidden in at least 28 third-party Google Chrome and Microsoft Edge extensions that may have affected 30 lakh users worldwide.Three million Google Chrome and Microsoft Edge users could be...

Adobe security update squashes critical vulnerabilities in Lightroom, Prelude

Adobe's final key patch around 2020 has coped with random code and JavaScript implementation bugs.Adobe's past scheduled security update of this year has solved critical vulnerabilities from Lightroom, Prelude, and Expertise Supervisor.The initial fix was issued for Adobe Lightroom,...

Amnesia:33 vulnerabilities Impact Countless Industrial and Smart Devices

Security researchers have identified 33 security defects in four accessible TCP/IP piles used across a broad selection of intelligent products.Security researchers have revealed now 33 security defects in four accessible TCP/IP libraries now used within the firmware of merchandise...

I made this ‘magic’ iPhone Wi-Fi hack in my bedroom, imagine what others could do: Google researcher

Do not assume there is not somebody out there who is willing and ready to discover the ideal bug to hack on your smartphone, warns Google Project Zero researcher.A Google Project Zero (GPZ) insect hunter that specializes in iPhone...

This software flaw Has Been used to break into Networks, so update Quickly

A vulnerability in MobileIron mobile device management applications is used by state-backed hackers and organized crime warns the safety bureau.State-backed hackers and criminal gangs are now actively utilizing a vulnerability in mobile device management (MDM) applications to successfully get...

WAPDropper malware abuses Android devices for WAP fraud

New WAPDropper malware signals users up to premium services supplied from telecoms from Thailand and Malaysia.Security researchers have discovered a new breed of Android malware has been now dispersed in the wild, mostly targeting users situated in Southeast Asia.Launched...

TikTok patches reflected XSS bug, one-click account takeover exploit

TikTok has patched a reflected XSS security defect along with a bug leading into account takeover affecting the company's domain.As reported via the Bug bounty platform system HackerOne by writer Muhammed"Milly" Taskiran, the initial exposure relates to a URL...

Chinese Cloud Hopper Attackers Use Zerologon at New Campaign

Chinese state-sponsored attackers are working a significant worldwide campaign against several verticals harnessing the Zerologon vulnerability, based on a new study from Symantec.APT10 is well known to investigators, having been unmasked as the thing behind the notorious Cloud Hopper...

A new Breed of card skimming Grelos malware is on the loose

Magecart Version has Shifted and You Ought to be Attentive, warns RiskIQA new offshoot of this Grelos card-skimming malware - a more standard Magecart version - is doing the rounds, based on infosec biz RiskIQ.A special cookie linked to...

Latest News

Unified endpoint management automation software to boost endpoint security

Endpoints are constantly connected to the internet, so they offer a gateway for cyberattacks. Endpoint security is simply the process...

Attackers Using Morse Code in phishing campaign to Evade Detection

Microsoft on Thursday revealed the techniques used by attackers to avoid detection using morse code in the phishing campaign.Microsoft also revealed the workings of...

Murata Manufacturing suffers data breach of employees and customer

Japanese electronic components manufacturer Murata has released an apology Notice for the data breach of thousands of files in June that contained bank account...

Everything about Signalling System 7(SS7)

Signaling System 7 (SS7) is an international telecommunication protocol standard that controls and regulates the network elements in a public switched telephone network (PSTN)....

Zimbra flaw lets attackers access the mail servers

Researchers discovered a flaw in the open-source Zimbra code. As a result, an attacker would gain unrestricted access to all sent and received emails...