Cloudy with a Chance of Data: Exploring Data Security in the Cloud Today’s digital landscape is characterized by approximately 60% of corporate data residing in the cloud. Amazon S3 serves as the data-storage backbone for many major corporations. Despite the reputation and security offered by Amazon S3, its role in handling vast amounts of sensitive
Read More
VMware Releases Security Update for vCenter Server Issue – VMware has rolled out security patches to address a critical flaw in the vCenter Server. – The flaw, CVE-2023-34048, poses a risk for remote code execution on the affected systems. – It’s an out-of-bounds write vulnerability related to the DCE/RPC protocol. – Malicious actors with network
Read More
Scan and Deliver: ‘GoPIX’ Malware Targets Brazil’s Instant Payment System High usage of Brazil’s instant payment system, PIX, has made it attractive to cybercriminals employing a new malware, GoPIX. Cybersecurity firm Kaspersky has tracked an active campaign since December 2022, characterizing the attacks as originating from malicious ads. Vulnerabilities appear when users search for “WhatsApp
Read More
Summary of Key Points VMware has informed customers of a proof-of-concept (PoC) exploit involving a recently fixed security flaw in Aria Operations for Logs. The severe vulnerability, tagged as CVE-2023-34051 with a CVSS score of 8.1, pertains to an authentication bypass that could result in remote code execution. An unauthorized malicious actor can take advantage
Read More
Former NSA Employee Pleads Guilty to Espionage: The Inside Out From Loyal Employee to Spy Charges Remember when you borrowed your office pen and accidentally took it home? Well, Jareh Sebastian Dalke, a 31-year-old former NSA employee, apparently wanted to take more than just stationary goodies. This chap served as an Information Systems Security Designer
Read More
Software Development: Marching from Monolithic Meltdowns to Agile Acrobats – The evolution of application development has progressed significantly, yet the application programming interface (API) management systems are still stuck in the proverbial ‘computer stone age’ – Integration of newly developed APIs with legacy models still present challenges for organizations embarking on the path of modernization
Read More
Spanish Officials Ring Out Scam Ring, Seize €3 Million Main Points Spain’s law enforcement arrested 34 members of an online scamming gang. The gang’s fraudulent activities have led to a profit of about €3 million. A series of searches across five Spanish cities led to these arrests. Officials confiscated a trove of objects, including simulated
Read More
Hackers Play Hide and Seek with Cisco: Smarter Backdoor in Devices Main Takeaways A backdoor implanted on Cisco devices gets an upgrade to enhance its stealth capabilities. The upgraded implant exploits two zero-day flaws found in IOS XE software. Changes were made to keep the backdoor invisible by previous fingerprinting methods. Network traffic to compromised
Read More
TriangleDB: The Unwanted Guest at The Apple Party A Brief Overview of the Situation The TriangleDB implant specifically targets Apple iOS devices. This malicious implant has at least four modules allowing it to record microphone audio, extract data from iCloud Keychain, extract data from SQLite databases, and estimate the user’s location. Kaspersky discovered and publicized
Read More
A Suspicious Breach Detected – But 1Password User Data Remains Untouched, CTO Confirms Main Points: 1Password detects unusual activity on its Okta instance. The suspicious activity got noticed on September 29, following a support system breach. Immediately following the detection, the activity was terminated. Initial investigations suggest no compromise of user data or other sensitive
Read MoreNo products in the cart.