General Security News
-
OWASSRF – New Exploit Let Attacker Execute Remote Code on Microsoft Exchange Server
There is a new exploit chain dubbed, OWASSRF that threat actors are actively exploiting to gain arbitrary code execution through Outlook Web...
-
France Fines Microsoft €60 Million for Using Advertising Cookies Without User Consent
France's privacy watchdog has imposed a €60 million ($63.88 million) fine against Microsoft's Ireland subsidiary for dropping advertising cookies...
-
LastPass Admits to Severe Data Breach, Encrypted Password Vaults Stolen
The August 2022 security breach of LastPass may have been more severe than previously disclosed by the company. The popular password management...
-
FIN7 Cybercrime Syndicate Emerges as a Major Player in Ransomware Landscape
An exhaustive analysis of FIN7 has unmasked the cybercrime syndicate's organizational hierarchy, alongside unraveling its role as an affiliate for...
-
Windows Code-Execution Vulnerability Let Attackers Run Malicious Code Without Authentication
It has recently been discovered by researchers that Windows has a vulnerability that allows code execution that rivals EternalBlue in terms of...
-
Hackers Use New BrasDex Android Malware to Steal Users’ Banking Details
A new Android trojan called BrasDex has been identified as the work of the same threat actors responsible for the Casbaneiro malware that targets...
-
Hackers Breach Okta's GitHub Repositories, Steal Source Code
Okta, a company that provides identity and access management services, disclosed on Wednesday that some of its source code repositories were...
-
Raspberry Robin Worm Strikes Again, Targeting Telecom and Government Systems
The Raspberry Robin worm has been used in attacks against telecommunications and government office systems across Latin America, Australia, and...
-
The Rise of the Rookie Hacker - A New Trend to Reckon With
More zero knowledge attacks, more leaked credentials, more Gen-Z cyber crimes - 2022 trends and 2023 predictions. Cybercrime remains a major threat...
-
Google’s New End-To-End Encryption for Gmail on the Web
On Friday, Google released a beta version of Client-side encryption (CSE) for Gmail. This newest service is only useful to organisations that can...
-
Microsoft Discovered a Vulnerability in macOS That Allow Attackers to Install Malware
The macOS operating system was fixed recently by Apple to eliminate a vulnerability found and reported by the principal security researcher of...
-
My Identity was Stolen! Here’s How You Might Become a Target
Impersonating someone is an activity as old as mankind and has been performed to a great comedic effect by comedians and clowns throughout the...