India has recently mandated all internet service providers to gather their respective user data for the last five years, based on a press release by CERT-In (Indian Computer Emergency Response Team). CERT-In also added that they would be amassing data from service providers such as data centres, VPNs, body corporate, and intermediaries under the...
In the latter days of April, a researcher identified, obstructed, and reported two packages that they classified as malicious versions of original AWS packages. This package backfill discovery showed a new takeover method that targets AWS, where hackers scan AWS projects for dependencies that are not assessed in the public npmjs registry and use their...
Several months after security analysts found the critical zero-day flaw in the Java logging library Apache Log4j, they disclosed that many servers and applications are still prone to cyberattacks exploiting the flaw because proper security patches have not been applied. The vulnerability, tracked as CVE-2021-44228, was first detailed last December, allowing hackers to launch...
Three firmware bugs were found in Lenovo devices, which the tech firm immediately patched after discovering that they could be exploited for Unified Extensible Firmware Interface (UEFI) attacks. The vulnerabilities were assigned CVE-2021-3970, CVE-2021-3971, and CVE-2021-3972 and used for deploying and executing UEFI malware through SPI flash implants or ESP implants inside Lenovo Notebook...
The North Korean-sponsored advanced persistent threat (APT) group called Lazarus targets organisations that operate in South Korea’s chemical sector. This current espionage campaign appears to be a sequel to Operation Dream Job, conducted by the same APT group and discovered by researchers in August last year. At the beginning of the year, a research team...
The US Department of Justice (DOJ) has announced that it has successfully eradicated the Cyclops Blink malware that attacked vulnerable internet-connected firewall devices from the tech firms WatchGuard and Asus. This operation interrupted the Russian Federation’s Main Intelligence Directorate (GRU)’s control over the botnet that infected thousands of devices. Previously attributed to Russia’s GRU, the Sandworm...
The BitRAT malware campaign has been seen attacking users searching for unofficial Windows license activators to activate cracked or pirated Windows operating system versions. Security researchers observed a phishing attack that distributes Windows 10 Pro license activators in an online store. However, the activators offered by the phishing actors are malicious and composed of BitRAT malware....
Researchers discovered a new ransomware operation called DeadBolt that has already impacted many QNAP NAS devices by encrypting their data. According to the latest reports, the ransomware has already targeted and affected approximately 3,600 QNAP devices worldwide. The DeadBolt threat actors exploit a zero-day flaw to infect and compromise QNAP devices and encrypt files using their ransomware....
Based on recent reports in Japan, Kyoto University has lost approximately 80 terabytes of irretrievable data due to the HPE software update of their supercomputer’s backup system. The data loss incident happened from December 14 to 16 last year and resulted in over 30 million files from about 14 research groups being removed from the...
The Firefox 94 browser recently had an issue in which people’s usernames and passwords were recorded in the Cloud Clipboard feature of Windows. Nonetheless, Mozilla has released a patch for this issue, categorizing it as a severe security risk that can expose users’ credentials to threat actors as they copy or cut their usernames and...