– The China-linked threat actor Budworm is behind a recent spate of cyber-attacks on government and telecom entities. – The threats were launched against a Middle Eastern telecommunications company and an Asian government. – These attacks took place in August 2023. – Budworm employed the use of an advanced version of its SysUpdate toolkit. –
Read More
Google Attends to New Actively Exploited Zero-Day in Chrome Browser Main Points: Google has launched fixes for a newly found active zero-day in the Chrome browser. The vulnerability, identified as CVE-2023-5217, is a high-risk issue. This bug is a heap-based buffer overflow in the VP8 compression format in libvpx. Buffer overflow flaws like this one
Read More
AtlasCross Phishing Lures with a Twist of Red Cross Spice – The new threat actor AtlasCross uses Red Cross-themed phishing lures to deliver two unlisted backdoors – DangerAds and AtlasAgent. – AtlasCross, renowned for its high technical level and cautious attack attitude, has been labelled by NSFOCUS Security Labs as strikingly targeted. – The captured
Read More
GPU.zip: A New Side-channel Attack Throttles Graphics Processors – Researchers identify new side-channel attack called GPU.zip that threatens most modern GPUs. – The attack leverages data compression optimization embedded in virtually all GPUs. – The research team hailed from prominent academic institutions including the University of Texas at Austin, Carnegie Mellon University and more. –
Read More
Summary of Data Security Woes: The High Price of Cybercrime Main Takeaways Data security often makes headlines due to major breaches. New hacking methods threaten supposedly secure data. Despite being costly to prevent, cybercrimes like data breaches, ransomware, and malware attacks are even more expensive when they occur. Costly Consequences of Cyber Breaches Put on
Read More
New ZenRAT Malware Trots Its Way Through Bogus Bitwarden Installs Main Points A new strain of malware dubbed ZenRAT is lumbering about in the digital wilderness. If you click the wrong links, you could find yourself in a good bit of trouble. The tricky part? This new baddie is luring unsuspecting victims through fake installation
Read More
Google Identifies New Critical Security Flaw in Libwebp Image Library An article was published recently that highlighted Google’s assigning of a new CVE (Common Vulnerabilities and Exposures) identifier for a major security defect in the libwebp image library when rendering WebP format images. Just like dad mixes his dinner and dessert in one plate, this
Read More
Microsoft Rolls Out Support for Passkeys on Windows 11 Here is a summary of the main points: – Microsoft releases a major update which includes support for passkeys on Windows 11 – Passkeys allow users to log into websites and applications without entering a username and password – The user’s device PIN or biometric information
Read More
The Rising Threat of ShadowSyndicate Intro Fit your digital security helmets, folks. We’re about to dive into the murky depths of the world-wide web, where cybercrime dons designer code and goes by the name ShadowSyndicate. This newly exposed group, previously known under its less glamorous alias ‘InfraStorm’, has been wreaking virtual havoc, brazenly swinging around
Read More
The A to Z of Tech Acronyms: Sorting Out Cybersecurity Standards Ladies and Gents, gather around! Get your spoons ready, because today we’re serving up a hearty bowl of “cybersecurity standards” soup. With ingredients like SOC 2, ISO, HIPAA, and Cyber Essentials, this dish has quite a puzzling flavor. So, let’s break it down and
Read MoreNo products in the cart.