Findings published by Mozilla exposed a worrying concern about the lack of security and user privacy for mental health apps found on mobile application stores. These apps are valuable for people undergoing personal distress like anxiety, PTSD, domestic violence, etc. Some religion-themed apps are also discovered in a similar case. The study made by Mozilla...Continue Reading
After a cyberattack targeted their vendor, the library lending app Onleihe announced problems in multiple media formats endorsed on the platform, like audio, video, and e-book files. Onleihe is an application that enables visitors and users to connect to local libraries and borrow e-magazines and audiobooks. The application is utilised by various universities in Europe...Continue Reading
Several months after security analysts found the critical zero-day flaw under the Java logging library Apache Log4j, they disclosed that many servers and applications are still prone to cyberattacks posed by the flaw due to failure to apply proper security patches. The vulnerability tracked as CVE-2021-44228 was first detailed last December, allowing hackers to launch...Continue Reading
Scammers are becoming more advanced as technology progresses after security researchers discovered that AI-generated images are being used to conduct fraudulent activities. Based on a report, one victim received a suspicious email from an alleged attorney in a Boston law firm. After examining the email’s sender, it turned out that they are non-existent, and the...Continue Reading
Researchers claimed that the Nokoyawa ransomware showed similarities with the Hive group after noticing resemblances in their tricks, tactics, and procedures (TTPs). However, the researchers have taken a step back and reevaluated some things after separate researchers shared new details and discoveries on the Nokoyawa ransomware. The Nokoyawa showed signs of being Hive related,...Continue Reading
A security flaw was found within Google’s VirusTotal platform, allowing threat actors to exploit it to accomplish remote code execution or RCE via the unpatched third-party sandboxing machines employing anti-virus applications. The vulnerability was fixed immediately after being discovered. VirusTotal is a malware-scanning platform under Google’s security subsidiary that investigates suspicious links, domains, and files...Continue Reading
Some academic researchers reported and warned that the Webex video-conferencing application owned by Cisco, and others, still monitor users’ microphone devices even if they have muted it from their end. The researchers also added that the telemetry data that the application transmits to user servers could be used to identify background activities happening from the...Continue Reading
Researchers have provided a thorough discussion regarding the newly upgraded strain of the SolarMarker malware. Based on reports, the malware operators of the SolarMarker have now included improvements, along with an upgraded defence evasion mechanism to remain undetected and bypass security solutions. The operators of this new malware variant use stealthy Windows Registry tactics to...Continue Reading
Since Windows has released its newest system version, Windows 11, threat actors have leveraged it to spread data-stealing malware that could affect users’ computers and compromise their privacy. This new malicious campaign involves the threat actors establishing a fake Windows 11 update website that baits users to update their computers so that the malware called...Continue Reading
Several reports of cyberattacks targeting the cryptocurrency landscape have been emerging recently, with the Decentralized Finance or DeFi platforms being one of the most attacked. The platform suffered various attacks that caused it to lose massive funds through crypto scams. Security analysts revealed that in 2021, there was over $3 billion worth of digital assets...Continue Reading
