Browsing category

Data Security

Researchers break RSA algorithm with a Quantum Computer

A group of Chinese researchers have just released a paper in which they make the claim that they are capable of breaking 2048-bit RSA, despite the fact that they have not yet done so. It is important to treat this matter seriously. It’s possible that it’s incorrect, but there’s no denying that it’s not right. […]

A Beginner’s Guide to MITRE ATT&CK Framework

MITRE ATT&CK reveals the intentions of the attackers to the defenders, which results in a significant reduction in the number of criminals hiding behind rocks and structures. MITRE offers a consistent pattern that may be altered as required to match the “score” of an organization’s threat intelligence requirements. This is similar to the concept of […]

7 Cybersecurity predictions & trends for 2023

At the beginning of the year 2022, there was a surge in employment opportunities within the technology industry. However, by the end of the year, many of the major players in the industry, such as Meta, Microsoft, and Amazon, had begun to cut back on hiring due to concerns about the state of the global […]

New Microsoft Exchange exploit allows ransomware infection via ProxyNotShell vulnerability

Recent cyberattacks utilizing the Play ransomware were spotted targeting Exchange servers. These attacks used a novel exploit chain that circumvented the protections Microsoft provided against ProxyNotShell. When the researchers were looking into Play ransomware infections, they found that the most prevalent entry vector was Microsoft Exchange, and they discovered that the vulnerability CVE-2022-41082 was being […]

Scammer behind the “OneCoin” cryptocurrency pyramid scheme, which included several billions of dollars, pleads guilty

At least nine persons, including Greenwood and Ignatova, have been charged with fraud in connection with OneCoin by the United States government in four separate but connected cases. The Chinese government has brought charges against 98 individuals on the suspicion that they attempted to sell OneCoin. 18 people were taken into police custody in India […]

8 social media influencers arrested for using Twitter & Discord to manipulate exchange-traded stocks and making $114 million

The Securities and Exchange Commission (SEC) has just announced that it will be filing charges against eight individuals in connection with a $100 million securities fraud scheme. In this scheme, the defendants manipulated exchange-traded stocks by using the social media platforms Twitter and Discord. Securities fraud, also known as stock fraud and investment fraud, is […]

PCI Security Standards Council (PCI SSC) releases PCI Secure Software Standard v1.2

By offering industry-driven, adaptable, and efficient data security standards and programs that assist businesses in identifying, mitigating, and preventing cyberattacks and breaches, the PCI Security Standards Council (PCI SSC) is at the forefront of an international, cross-industry effort to strengthen payment security. PCI Secure Software Standard version 1.2 and its related program documentation were both […]

Tor Browser 12.0 released with major changes

The most recent version of the Tor Browser is a specially packaged version of Firefox 102 ESR that automates the process of establishing a connection to the Tor network. The latest Extended Support Release (ESR) of Firefox is version 102, which is also one of the most secure browser options. Version 12 of the Tor […]

OWASP publishes Top 10 CI/CD Security Risks Guidelines

Any contemporary software company must have environments, procedures, and systems for continuous integration and continuous delivery. They transport the code written at an engineer’s workstation to the production environment. The engineering ecosystem has been significantly reformed as a result of the proliferation of CI/CD systems and procedures, which has also been accompanied by the growth […]

New JSON-Based SQL Injection attacks allow bypassing Palo Alto, F5, AWS, Cloudflare, and Imperva WAF

Web application firewalls, also known as WAFs, are intended to protect web-based applications and application programming interfaces (APIs) from malicious HTTPS traffic coming from the outside, particularly cross-site scripting and SQL injection attacks, which never seem to fall off the security radar. SQL injection in particular is a constant among the output of automated code […]

6 reasons to secure your email in 2023 without investing much

Because companies either do not teach their staff enough or have inadequate email security measures in place, many firms, ranging from start-ups to multinational enterprises, are susceptible to phishing and other email-based frauds. These frauds may take many different forms. By strengthening the security of your email and providing your employees with training, you may avoid […]

Bad news! The platform certificates of many phone manufacturers have been hacked. These are used to sign trusted apps on Android phones. Now these certificates are being used to certify malicious Android applications

Platform certificates, also known as platform keys, are used by OEM Android device makers to certify the core ROM images of their devices. These images include the Android operating system and any related applications. The application signing certificate that was used to sign the “android” program that was stored on the system image is known […]

Exploit PoC for Remote code execution flaw in Visual Studio Code released

The remote code execution vulnerability that affected Visual Studio Code and was fixed by Microsoft in October was the subject of a proof-of-concept (PoC) attack that was made public online. The security vulnerability, which has been given the identifier CVE-2022-41034, has the potential to give remote attackers complete control of susceptible computers. The simplicity of […]

Seventy thousand individuals who police believe may have been victims of phone scams are receiving messages with instructions on what they should do next

Over 70,000 individuals are receiving text messages from the police informing them that they have been victims of online banking frauds and providing them with instructions on what they should do next. The communications are being sent out by the Metropolitan Police as a part of the UK’s greatest ever anti-fraud blitz, which is following […]

Australian government is looking to hire hackers for its “hack back” program to disrupt ransomware gangs

Recent data breaches have driven fast reforms to Australia’s cybersecurity and data protection rules, and the most recent development looks to be the formation of a cyber task force that will “hack back” and aggressively pursue what Minister for Home Affairs Clare O’Neil termed “scumbags.” Due to the fact that millions of Australian citizens have […]