Internet Security

Google links three exploitation frameworks to Spanish commercial spyware vendor Variston

December 1, 2022 add comment
Google’s Threat Analysis Group (TAG) linked three exploitation frameworks to a Spanish surveillance spyware vendor named Variston. While tracking the activities of commercial spyware vendors, Threat Analysis Group (TAG)... Read more »

Attackers abused the popular TikTok Invisible Challenge to spread info-stealer

November 30, 2022 add comment
Threat actors are exploiting interest in a popular TikTok challenge, dubbed Invisible Challenge, to trick users into downloading info-stealing malware. Threat actors are exploiting the popularity of a TikTok... Read more »

China-linked UNC4191 APT relies on USB Devices in attacks against entities in the Philippines

November 30, 2022 add comment
An alleged China-linked cyberespionage group, tracked as UNC4191, used USB devices in attacks aimed at Philippines entities. Mandiant researchers spotted an alleged China-linked cyberespionage group, tracked as UNC4191, leveraging... Read more »

ENC Security, the encryption provider for Sony and Lexar, leaked sensitive data for over a year

November 30, 2022 add comment
CyberNews experts discovered that ENC Security, a Netherlands software company, had been leaking critical business data since May 2021. Original post at https://cybernews.com/security/encsecurity-leaked-sensitive-data/ When you buy a Sony, Lexar,... Read more »

Threat actors are offering access to corporate networks via unauthorized Fortinet VPN access

November 29, 2022 add comment
Cyble observed Initial Access Brokers (IABs) offering access to enterprise networks compromised via a critical flaw in Fortinet products. Researchers at Cyble have observed initial access brokers (IABs) selling access... Read more »

CISA adds Oracle Fusion Middleware flaw to its Known Exploited Vulnerabilities Catalog

November 29, 2022 add comment
CISA added a critical flaw impacting Oracle Fusion Middleware, tracked as CVE-2021-35587, to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) a critical vulnerability impacting... Read more »

Tips for Gamifying Your Cybersecurity Awareness Training Program

November 29, 2022 add comment
In today’s technological world, educating people about cybersecurity awareness is an absolute necessity. According to one report, 82% of data breaches involved the human element, from social attacks to... Read more »

Irish data protection commission fines Meta over 2021 data-scraping leak

November 29, 2022 add comment
Irish data protection commission (DPC) fined Meta for not protecting Facebook’s users’ data from scraping. Meta has been fined €265 million ($275.5 million) by the Irish data protection commission (DPC)... Read more »

A flaw in some Acer laptops can be used to bypass security features

November 29, 2022 add comment
ESET announced the discovery of a vulnerability impacting Acer laptops that can allow an attacker to deactivate UEFI Secure Boot. ESET researchers announced in a series of tweets the... Read more »

Experts found a vulnerability in AWS AppSync

November 29, 2022 add comment
Amazon Web Services (AWS) fixed a cross-tenant vulnerability that could have allowed attackers to gain unauthorized access to resources. Amazon Web Services (AWS) has addressed a cross-tenant confused deputy... Read more »
Subscribe to our Newsletter