Google Chrome Strengthens Cookie Security on Windows with App-Bound Encryption
In a move to bolster user protection against cookie theft and infostealer malware, Google Chrome has introduced a new security feature called App-Bound Encryption for Windows users. This enhancement...
View ArticleCVE-2024-7205 in eWeLink Cloud Service Exposes Devices to Takeover
eWeLink, the popular smart home platform, has issued a critical security advisory warning users of a vulnerability in their cloud service. The flaw, designated as CVE-2024-7205 (CVSS 9.4), could...
View ArticleDark Angels Ransomware Gang Reaps Record $75 Million Payout
Zscaler, a company specializing in cloud security, has discovered that this year, hackers from the Dark Angels group secured a record ransom payment of $75 million. The name of the affected...
View ArticleMassive Payout: Meta Coughs Up $1.4 Billion in Facial Recognition Settlement
Meta has agreed to pay the state of Texas $1.4 billion to settle a lawsuit accusing the company of unlawfully using facial recognition technology to collect biometric data from millions of Texans...
View ArticleDahua Technology Addresses Vulnerabilities in Network Video Recorders and IP...
Dahua Technology, a leading provider of video surveillance solutions, has released a security advisory addressing multiple vulnerabilities in their network video recorders (NVRs) and IP cameras. These...
View ArticleMassive Android SMS Stealer Campaign Uncovered: Over 100,000 Malicious Apps...
A new report from Zimperium zLabs reveals a sprawling and sophisticated Android malware campaign that has infected over 107,000 devices across 113 countries since February 2022. The malware, a silent...
View ArticleCVE-2024-41667: OpenAM Vulnerability Exposes Authentication Systems to...
A severe security vulnerability, identified as CVE-2024-41667 and rated with a CVSS score of 8.8, has been discovered in Open Identity Platform OpenAM, a comprehensive access management solution. This...
View ArticleFrom QAKBOT to Custom Malware: The Adaptability of UNC4393
A new report from Mandiant, a leading cybersecurity firm, paints a comprehensive picture of UNC4393, a prolific ransomware gang that has attacked organizations across the globe. The report offers...
View ArticleAI-Driven TEMPEST Attacks: Uruguay Team Reveals Method to Intercept Screen Data
Researchers in Uruguay have recently discovered a method to use artificial intelligence (AI) to eavesdrop on victims’ screens through electromagnetic radiation leaks from computer cables and monitors....
View ArticleActively Exploited Apache OFBiz Flaw Triggers Urgent Security Alert
In recent weeks, security researchers have observed an alarming uptick in scanning attempts for the CVE-2024-32113 vulnerability in Apache OFBiz, a widely used suite of enterprise software tools. The...
View ArticleCritical CVE-2024-6220 Vulnerability in Keydatas WordPress Plugin Actively...
A critical vulnerability (CVE-2024-6220, CVSS 9.8) in the popular Keydatas (简数采集器) WordPress plugin is being actively exploited, putting thousands of websites at risk of complete takeover. This flaw...
View ArticleRAISECOM Gateways Exposed: Remote Command Execution Flaw Impacts 25,000+ Devices
Security researchers have identified a vulnerability, tracked as CVE-2024-7120, in RAISECOM Gateway devices, exposing over 25,000 devices worldwide to potential remote attacks. The flaw, a command...
View ArticleDigiCert Revokes Certificates: What You Need to Know
Earlier, the renowned digital certificate authority DigiCert issued a notification stating that due to errors in the verification process, approximately 0.4% of certificates need to be revoked. We have...
View ArticleCrowdStrike, Microsoft Face Lawsuit from Delta Air Lines After System Crash
On July 19, a software configuration update released by the cybersecurity company CrowdStrike, which had not been thoroughly tested, caused approximately 8.5 million enterprise-level devices worldwide...
View ArticleWhy Reddit Blocked Bing and Other Search Engines
Recently, the well-known online community Reddit has banned all search engines except Google, allowing only Google to continue indexing Reddit’s content. The reason is straightforward: Google pays...
View ArticleModiLoader Takes Over: Phishing Frenzy Targets Poland
In May, ESET detected extensive phishing campaigns targeting small and medium-sized businesses in Poland, Italy, and Romania. These attacks resulted in the installation of several malicious programs on...
View ArticleWazirX Faces Backlash Over Socialized Losses from $230M Cyberattack
The Indian cryptocurrency exchange WazirX has announced a plan to “socialize” $230 million in losses from a recent cyberattack. This decision has sparked outrage within the local cryptocurrency...
View ArticleMicrosoft 365 Boosts Security with Free Defender VPN
Recently, Microsoft announced an expansion of the benefits for Microsoft 365 Personal and Family subscriptions, introducing the Microsoft Defender VPN service. This service, available for free,...
View ArticleBitdefender Patches Critical Vulnerability in GravityZone Update Server
Bitdefender, a leading cybersecurity solutions provider, has issued an urgent patch for a critical vulnerability (CVE-2024-6980) in its GravityZone Update Server. The vulnerability, discovered by...
View ArticleCrowdStrike Bug Exploited: Handala Hacking Team Targets Israel
Recently, the hacker group Handala Hacking Team launched an attack on Israeli targets, disseminating malware through phishing emails that exploited the theme of a Falcon Sensor bug fix from...
View Article