Cybersecurity News
Android spyware strains linked to state-sponsored Confucius threat group
First detected in 2013, Confucius has been linked to attacks on governments in Southeast Asia, and targeted strikes on Pakistani military personnel, Indian election officials, and nuclear agencies.Read More
Researchers Discover 30 Popular Mobile Health Apps Exposing Millions of Patient Records
With people increasingly relying on mHealth apps during the COVID-19 pandemic, researchers observed that such apps are now generating more user activities compared to other mobile apps. Read More
Siemens Patches 21 More File Parsing Vulnerabilities in PLM Products
Siemens this week released nine new security advisories describing vulnerabilities affecting the company’s products.The biggest advisory covers 21 security holes affecting JT2Go, a 3D viewing tool for JT data (ISO-standardized 3D data format), and Teamcenter Visualization, which provides organizations visualization solutions for documents, 2D drawings, and 3D models. These products are made by Siemens Digital Industries Software, which […]
Domestic Kitten is Actively Surveilling Enemies of the Iranian State
Domestic Kitten (aka APT-C-50), an Iran-based threat group, has been conducting widespread surveillance campaigns targeting over 1,200 individuals. At present, four active campaigns have been discovered by experts that target individuals located in Iran, the U.S., Pakistan, and Afghanistan. These campaigns have been active since 2016.What has been discovered?This operation had 10 unique campaigns that targeted over […]
If you use Slack on Android, reset your password now
Slack is asking affected users to reset their passwords.Slack found that one of its app versions on Android was storing passwords in plaintext, leaving affected users vulnerable.The company has fixed the bug and is now starting to intimate affected users to reset their passwords.Slack says there is no evidence of unauthorized or third-party access, but […]
Understanding the Use of Cryptocurrency by Ransomware Operators
Ransomware-as-a-Service (RaaS) has become a lucrative enterprise. As per research by Chainalysis, blockchain transactions prove that ransomware attacks are interconnected. What does the research say? The report connects the four major ransomware families of 2020 – egregor, SunCrypt, DoppelPaymer, and the now-defunct Maze. Blockchain analysis displays overlapping of affiliates, along with other connections, between these […]
Vulnerabilities in Apple devices reportedly being targeted by attackers
Apple has released an updated software version 14.4 for iOS, iPadOS, and tvOS. This update fixes three significant weaknesses in the system that could allow an attacker to access a person’s device without authorization.Anyone with an Apple device MUST immediately update their devices.What’s happeningSystems affectedApple have stated the vulnerabilities affect three of their operating systems:iOSiPadOStvOSFor […]
Critical vulnerabilities identified in Microsoft Windows
As part of regular security updates, Microsoft has released fixes for critical vulnerabilities in Windows which an attacker could use to compromise Windows devices. By applying the latest updates from Microsoft, you can secure all your Windows devices. What’s happening Systems affected All supported versions of Microsoft Windows are known to be affected by these […]