27 May 2022

Critical Flaws in Popular ICS Platform Can Trigger RCE

Cisco Talos has reportedly uncovered eight vulnerabilities in the Open Automation Software, a popular industrial control system (ICS) platform. Two of the flaws are categorized as critical, meaning that they pose a risk for infrastructure networks and should be addressed immediately. Exploiting the flaws could lead to remote code execution

Read More
27 May 2022

Ed tech wrongfully tracked school children during pandemic says Human Rights Watch

According to Human Rights Watch (HRW), students who were required to use government-endorsed education technology, also referred to as ed tech, during the Covid-19 pandemic may have been subject to a variety of harmful cyber practices, such as keystroke monitoring and data collection. In addition, the HRW alleges that the

Read More
26 May 2022

Multi-Continental Operation Leads to Arrest of Cybercrime Gang Leader

Interpol has announced that the organization was able to track down and apprehend the suspected leader of a transnational cybercrime syndicate. The 37-year-old individual was arrested in Nigeria and is believed to have lead major phishing campaigns, business email compromise schemes, and other malicious behavior that targeted companies and individuals.

Read More
26 May 2022

Google Chrome 102 arrives with 32 security fixes, one critical

Google has released a new version of Chrome, Chrome 102, that contains 32 security fixes applying to Windows, Mac, and Linux devices. The vulnerabilities were allegedly reported to Google by external researchers and consist of one critical flaw, eight high severity, nine medium severity, and seven low severity. In addition

Read More
25 May 2022

Senate Report says US Government Lacks Comprehensive Data on Ransomware

According to a new Senate report by the US Senate Committee on Homeland Security and Governmental Affairs, the US lacks comprehensive data regarding ransomware attacks. This includes details such as financial losses both in ransom payments and to companies while suffering from the attack and attempting to remedy the effects.

Read More
25 May 2022

Fronton IOT Botnet Packs Disinformation Punch

Cybersecurity researchers claim that the Fronton botnet boasts a far larger arsenal of abilities than just launching a DDoS attack. Researchers allege that the botnet can track social media trends and launch suitable propaganda in addition to its cyberattack skills. A new look at the botnet reveals that the criminal

Read More
24 May 2022

Credit card skimmers are switching techniques to hide their attacks

Microsoft has reported that card-skimming malware that aim to steal bank card details are increasingly turning towards utilizing malicious PHP script on web servers to manipulate payment pages. This enables the attacker to bypass browser defenses triggered by JavaScript code. Microsoft says that its researchers have observed the shift in

Read More
23 May 2022

DoJ Says White Hat Hackers Will No Longer Face Prosecution

The US Department of Justice (DoJ) recently announced that it will not prosecute “good faith” hackers in a historic policy shift. Up until this point, even white hat hackers could be prosecuted under the Computer Fraud and Abuse Act (CFAA), even when done to improve cybersecurity. The DoJ identified good-faith

Read More
20 May 2022

380K Kubernetes API Servers Exposed to Public Internet

According to the Shadowserver Foundation, who first discovered the security incident, more than 380,000 of 450,000 Kubernetes servers hosting the open-source container-orchestration engine for managing cloud deployments are vulnerable to third party access. The popular engine for managing cloud deployments is therefore an easy target, providing a broad attack surface

Read More
19 May 2022

Personal Information of Nearly Two Million Texans Exposed

According to a public notice released by the Texas Department of Insurance, the personal information of roughly two million Texans was left exposed on the internet for three years due to a programming issue. The department stated that the details of workers who have filed compensation claims were left unsecured

Read More