02 Apr 2020

Two Zoom Zero-Day Flaws Uncovered

Patrick Wardle, a security researcher with Jamf, has uncovered two zero-day flaws in the Zoom macOS client version. The telecom and online class platform vulnerabilities have the potential to give local attackers root privileges, which subsequently allow the attackers to access the victims’ microphone and camera. The two flaws have

Read More
02 Apr 2020

‘Secure’ Backup Company Leaks 135 Million Records Online

VpnMentor has discovered that a company claiming to provide secure backups, SOS Online Backup, has leaked metadata and customer information in over 135 million records after a misconfigured online database was uncovered by cybersecurity researchers. The incident was exposed as part of vpnMentor’s ongoing mapping project that already found major

Read More
01 Apr 2020

Sensitive Voter Data Exposed by App Used in US Elections

According to cybersecurity company UpGaurd, sensitive information about US voters was left exposed as a result of a data breach by the application Campaign Sidekick, which functions as a voter contact and canvassing app. Campaign Sidekick is used by the Republican party in election campaigns. UpGaurd found that an unprotected

Read More
01 Apr 2020

NATO Report Warns of New Authoritarian Chinese Splinternet

The Chinese government, according to a new NATO report, plans to create a new internet architecture that could potentially broaden the threat landscape, destabilize privacy, and fragment the global internet. The report also states that the standardization was first proposed at the UN’s International Telecommunication Union last September. The plan

Read More
01 Apr 2020

Critical WordPress Plugin Bug Lets Hackers Turn Users Into Admins

A vulnerability has been found in the WordPress SEO Plugin that allows attackers to give admin privileges to any registered users on sites run by WordPress. This leaves 200,000 sites with active installations vulnerable to attack if left unpatched. The plugin, called Rank math, allows website owners to perform search

Read More
01 Apr 2020

Millions of Guests Impacted in Marriott Data Breach, Again

Marriott hotel empire has suffered from its second major data breach in the span of two years. The most recent was disclosed by Marriott on Tuesday. The breach affected 5.2 million customers after an attack was carried out on the chain via third-party software that Mariott uses to provide guest

Read More
31 Mar 2020

Zeus Sphinx Banking Trojan Arises Amid COVID-19

After three years, the Zeus Sphinx banking trojan has returned to the cybersecurity scene amid the global pandemic, aiming to capitalize on government relief efforts. According to two researchers at IBM X-Force, Amir Gandler and Limor Kessem, the trojan began resurfacing in December, however, there has been a significant increase

Read More
31 Mar 2020

FBI Warns of Ongoing Zoom-Bombing Attacks on Video Meetings

Yesterday, the US Federal Bureau of Investigation (FBI) warned of what has been deemed “Zoom bombing,” in which people hijack Zoom video conferences currently popular for telecommuting and online classes. The goal of these hijackers is to disrupt those meetings electronically over the platform or pulling pranks that are later

Read More
30 Mar 2020

GitHub Paid Out Over $1 Million in Bug Bounties

This week, GitHub announced that it had paid hackers over $1 million in bug bounties across all of its programs in 2020 alone. The security bug program was launched in 2016 but has been accepting vulnerability reports since February of 2014. In 2019, the Microsoft owned company paid almost $600,000

Read More
30 Mar 2020

FTC Warns VoIP Providers to Stop Facilitating Coronavirus Scams

Recently, the US Federal Trade Commission administered a warning to nine different VoIP service providers against assisting and facilitating illegal robocalls that target individuals and capitalize on public anxiety surrounding the recent COVID-19 pandemic. The FTC warns that the robocalls prey on consumer fear of the pandemic to disseminate false

Read More