CISA, FBI, and NSA released a joint Cybersecurity Advisory that details ongoing cyber threats faced by the U.S. Water and Wastewater Systems (WWS) sector, including cyber intrusions leading to ransomware attacks
Ransomware and Covid-related cybercrime's biggest threats to UK security. National Cyber Security Centre chief executive Lindy Cameron speaks at Chatham House’s Cyber 2021 Conference
Image source − shutterstock.com Amid a ransomware attack , the Spring Medical Center was held responsible by an Alabama mother, Teiranni Kidd, for her daughter's death. Reputedly, then a failure in the electronic devices due to the Cyberattack , the doctors could not adequately monitor the child's health during delivery. Nicko Silar was killed due to these unfortunate events, though the hospital still stays in denial. At the same time, the suit clearly stated that the computer systems had been...
Image source – pixbay.com The Information sheet contains top hardening recommendations that include using tested and validated VPN products on the National Information Assurance Partnership ( NIAP ) Product Compliant List. Cybersecurity and Infrastructure Security Agency ( CISA ) recommended employing robust authentication methods like multi - factor authentication , promptly applying patches and updates, and reducing the VPN’s attack surface by disabling non-VPN-related features. Readout to...
Image Source – binance.com From supply chains to healthcare sectors, almost all the industries connected to the internet are under the effect of the biggest threat to online security; Ransomware . Considering this, Binance to ensure the security and sustainable growth of the crypto world committed to protect ing and fighting against ransomware and frauds inflicted with it. Working with the Ukraine Cyber Police , Binance released their first case study of the Bullet Proof Exchanger Project ;...
Image source – vonahi.com The MS Word RCE exploit attack uses fraudulently created Microsoft Office files that use the MSHTML browser rendering engine to open an ActiveX control. The ActiveX control shares the user's private information with the attack's mastermind, putting users' sensitive data at risk. Microsoft office RCE bug lets users at risk of data exploitation, creating unrest among users and dropping their trust level on public domains. In our daily routine in 21 st Century, the most...
Image source—freepik.com It is allegedly stated that FinSpy software was sold to the Egyptian government Hosni Mubarak to spy on dissidents and by the Bahraini government to spy on Bahraini activists in Britain – the latter resulting in the software having been found in breach of human rights. FinSpy was thought to be lost and taken care of by the researchers at Kaspersky. Still, after following an eight -month investigation led by Kaspersky, it has been seen that it did not disappear but was...
Image source - idagent.com Raid Forum , the famous dark web forum marketplace with 445,000 users allowing them to sell and purchase exclusive data leaks and sharing sources, was seen as unresponsive to users. The issue was reported earlier, on Oct 1, 2021 . The forum 'Omnipotent' owner addressed the issue, stating that the Website is down due to the domain's suspension and that the problem is in process. Image source – cybernews.com Meanwhile, some other trusted websites also reported the issue...
Image source — freepik.com One of Google's Threat Analysis group Research officers Neel Mehta, specializing in research in hacking and electronic frauds claims in a report that a new technique of changing digital signatures of files is now being used to evade detection from the windows security systems. According to Neel, this technique was developed by a known family of unwanted software named as OpenSUdater . The developers behind OpenSUdater tried to hide their identity by creating malformed...
Image source — freepik.com In recent depth analysis of Microsoft Threat Intelligence Centre (MSTIC) declared a newly detected NOBELIUM malware: a post-exploitation backdoor referred to as FoggyWeb . Microsoft has notified all customers observed being targeted or compromised by this activity. Said Nafasi in a disclosure blog Microsoft profiled NOBELIUM’s GoldMax, Goldfinger, and Sibot malware, used for layered persistence and early toolset comprising EnvyScout, BoomBox, NativeZone , and...
Image source – freepik.com Instagram, Facebook, and WhatsApp didn’t work in the USA, Europe, Russia, and some Asian countries for more than six hours yesterday October 4 th , 2021. Some users also complain about interruptions in Twitter, TikTok, YouTube, Google, and Amazon; the crypto exchange CoinBase does not work either. Just in the peak of Facebook’s operation disruption, CoolTechZone leaks hunters stumbled upon thread on a DarkNet forum pretended being e a cause of problems and given away...
Image source – freepik.com Hackers use Twitter bots to get access to Twitter users' personal information and make payments to their accounts using PayPal and Venmo payments . The fraudsters are using fake profiles using profile pictures of the source and are tricking users into transferring their funds to their accounts. The Twitter chatbot scam has particularly risen during the covid-19 lockdown as the world moved to online markets, an ideal scenario for the scammers to loot their targets. The...
Image source - kaspersky.com Kaspersky, the cybersecurity solutions provider, has recently discovered a new type of Trojan that affects online gamers and steals the gamer's data. Different attacks have been recorded in Europe, Asia-Pacific regions, and Latin America. An advanced Trojan can steal user's data from online gaming platforms. Kaspersky's research highlights that gaming goods and products are nowadays in demand on the darknet. The logins and password combinations required at different...
Image source - Shutterstock Alert! The world is in danger again! Microsoft warns of critical vulnerability “PrintNightmare” (CVE-2021-34527) in Windows Print Spooler service. Last week the world shook with horror! On July 1, Microsoft alerted system administrators to the critical zero-day vulnerability CVE-2021-34527 in the Print Manager service of all currently supported versions of Windows. Information security specialists dubbed the discovered vulnerability "PrintNightmare" because the...
The group of researchers from Forescout has completed another portion of vulnerabilities investigation. The new report will be published after 4th August 2021. It will reveal all-new 14 flows in a very popular network stack used by various devices, starting with common IT and ending up on IIoT from giant vendors. 📑 Table of Contents New portion of critical and high-scored vulnerabilities. Recent discoveries of Project Memoria. How to proceed and protect yourself? New portion of critical and...
I know that many users don't like applying and installing updates. I should say it is a really bad practice, especially in a business environment. But even there, a lot of iOS users postpone accepting new versions of an operating system together with the newest patches for vulnerabilities . Now we have a great example of why it is critical. 📑 Table of Contents What is RCE for CVE-2021-30800, and where it comes from? Original vulnerability is much harmless. How to proceed and protect yourself?...
As of 2021, Google Play Store has the 1 st spot with an estimated 4 million apps available for download to android users. In contrast, Apple App Store stands in the 2 nd spot with around 2.4 million apps available to IOS users. Both companies' inability to security audit every app being uploaded or available over the Stores leads to a severe threat. The threat is it provides bad actors with an opportunity to upload bogus/fake Apps. These bogus Apps are only intended to steal the data as soon as...
To look at your data from a black-hats view and know what they find on you in the global network, i.e., the Internet, you have to get in the shoes of a black-hat hacker and develop a hacker mindset . You will not find an article of this aptitude on any other site. I have shared my experience as an Ethical Hacker and cybersecurity expert . But a layman can't become a black-hat in a day or think, act, and behave like one over the global network. If it were that easy, everyone would have been a...
It appears quite usual (I mean not one a decade anymore) to witness the release of a new operating system from Windows. The new Windows 11 still lacks many expected features, which were implemented by other vendors, like better homeworking through free choice of mics or cameras, faster Windows update, and others. But I care mainly about another question – security . 📑 Table of Contents Microsoft claimed Windows 11 more secure than previous versions? Windows 11 exploit's the black market...
Ever since the inception of computing systems and devices, there have also existed many vulnerabilities in these systems as well. These vulnerabilities in the right hands lead to the improvement of a system, but in the wrong hands can cause many damages . In our article below, we will look at a particular type of vulnerability known as a Zero-Day vulnerability or simply a zero-day vulnerability. We would also be looking at the different markets where one could sell a zero-day along with the...
We were lucky to be born at a time when superheroes left the screens of cinemas and settled among us. Their job is to protect our privacy at all costs. They do not wear raincoats and bright costumes, but this does not diminish their merits in the least. These heroes are cybersecurity specialists who sometimes risk everything to save humanity from the hands of dangerous hackers who seek to disrupt our daily life. If you want to connect your life with information security , you have come to the...
