General Security News
-
Facebook to Pay $725 Million to settle Lawsuit Over Cambridge Analytica Data Leak
Meta Platforms, the parent company of Facebook, Instagram, and WhatsApp, has agreed to pay $725 million to settle a long-running class-action...
-
GuLoader Malware Utilizing New Techniques to Evade Security Software
Cybersecurity researchers have exposed a wide variety of techniques adopted by an advanced malware downloader called GuLoader to evade security...
-
2022 Top Five Immediate Threats in Geopolitical Context
As we are nearing the end of 2022, looking at the most concerning threats of this turbulent year in terms of testing numbers offers a threat-based...
-
W4SP Stealer Discovered in Multiple PyPI Packages Under Various Names
Threat actors have published yet another round of malicious packages to Python Package Index (PyPI) with the goal of delivering...
-
FrodoPIR: New Privacy-Focused Database Querying System
The developers behind the Brave open-source web browser have revealed a new privacy-preserving data querying and retrieval system called FrodoPIR....
-
Researchers Warn of Kavach 2FA Phishing Attacks Targeting Indian Govt. Officials
A new targeted phishing campaign has zoomed in on a two-factor authentication solution called Kavach that's used by Indian government officials....
-
KmsdBot Botnet Leverages SSH to Compromise Systems and to Launch DDoS Attacks
Researchers from Akamai have continued to study the cryptomining botnet KmsdBot and have looked at its attack flow. It is believed that KmsdBot is...
-
OWASSRF – New Exploit Let Attacker Execute Remote Code on Microsoft Exchange Server
There is a new exploit chain dubbed, OWASSRF that threat actors are actively exploiting to gain arbitrary code execution through Outlook Web...
-
France Fines Microsoft €60 Million for Using Advertising Cookies Without User Consent
France's privacy watchdog has imposed a €60 million ($63.88 million) fine against Microsoft's Ireland subsidiary for dropping advertising cookies...
-
LastPass Admits to Severe Data Breach, Encrypted Password Vaults Stolen
The August 2022 security breach of LastPass may have been more severe than previously disclosed by the company. The popular password management...
-
FIN7 Cybercrime Syndicate Emerges as a Major Player in Ransomware Landscape
An exhaustive analysis of FIN7 has unmasked the cybercrime syndicate's organizational hierarchy, alongside unraveling its role as an affiliate for...
-
Windows Code-Execution Vulnerability Let Attackers Run Malicious Code Without Authentication
It has recently been discovered by researchers that Windows has a vulnerability that allows code execution that rivals EternalBlue in terms of...