Threat actors harvest user credentials by exploiting Instagram’s highly sought-after verification programme. Vade discovered a sophisticated and targeted phishing campaign aimed at luring Instagram…
Latest posts - Page 23
AWS
Over 1800 Android and iOS apps’ source code provides access to AWS credentials
The Symantec Danger Hunter team discovered 1859 applications on Android and iOS that contained hard-coded Amazon Web Expert services (AWS). They obtain tokens that…
Account Takeover Vulnerability
A TikTok vulnerability could have allowed account hijackers to take control
Microsoft has released a detailed description of a now-resolved issue that was potentially dangerous for TikTok users. Microsoft classified the issue as a “high-severity…
Google Chrome
A Google Chrome Bug Allows Sites To Write To The Clipboard Without Prompting
Chrome version 104 introduced a bug that removes the requirement for users to approve clipboard writing events from websites visited. This feature is not…
Ransomware
Cyber Signals: 3 Ransomware Protection Strategies
The “as a service” business model has grown in popularity as cloud adoption enables people to access services through third-party providers. Given the convenience…
Bug Bounty
A command injection vulnerability in GitHub Pages has earned a bug hunter $4,000
Social engineering techniques were used to trick developers into exposing repositories. Using the GitHub Pages build process, a security researcher discovered a way to…
Data Breach
A student loan breach has exposed 2.5 million records.
In a breach that could lead to further problems, 2.5 million people were affected. Over 2.5 million loanees have been notified by EdFinancial and…
Cybersecurity
In Hyderabad, a victim of cyber fraud files an FIR every fifth crime filed in a day
One of the main hubs for cybercrime has now been identified as the city of Nizams, which is also a center for IT. According…
cyberattack
Iranian Hackers Exploiting Unpatched Log4j 2 Bugs to Target Israeli Organizations
Iranian state-sponsored actors are doing all in their power to target Israeli entities using unpatched Log4j systems; this shows how long the vulnerability will…
cyberattack
MERCURY leveraging Log4j 2 vulnerabilities in unpatched systems to target Israeli organizations
The Microsoft Threat Intelligence Center (MSTIC) and Microsoft 365 Defender Research Team have recently discovered Iran-based threat actor MERCURY using SysAid applications’ exploits of…