Parse Server has been updated to address a prototype pollution vulnerability that could result in remote code execution (RCE). According to a GitHub security advisory posted on November 8, an attacker could potentially trigger RCE by utilizing the flaw (CVE-2022-39396)…
Two ongoing surveillance operations have been discovered using Android spyware programmes to gather personal data and locate the Uyghur population in China and other countries. This includes upgraded versions of an espionage artefact termed MOONSHINE by researchers from the University…
The Russian hacktivists introduced a new ransomware strain called Somnia that hit Multiple Ukrainian enterprises and encrypted their computers and disrupted operations. In a statement published on its website, the Computer Emergency Response Team of Ukraine (CERT-UA) announced the outbreak…
Arrested in Canada: Accused LockBit Ransomware Operator. Mikhail Vasiliev, a Russian-Canadian, could spend up to five years in prison in the US. Ontario police detained a dual citizen of Canada and Russia for serving as a member of the LockBit…
Cybersecurity experts have issued a warning over “huge phishing efforts” that disseminate five different types of malware and target Indian banking users. New, Large-Scale Malicious Campaigns Targeting Customers of Top Indian Banks. In a study released this week, Trend Micro…
A security researcher accidentally stumbled onto a Google Pixel lock-screen bypass problem. Hacking Google Pixel screen locks nets the researcher $70,000. David Schütz found the flaw, which allowed an attacker to unlock any Google Pixel phone without having the passcode.…
In comparison to the global average of 70%, 89% of Indian business executives claim that their organization’s cybersecurity team identified a significant cyber threat to business and stopped it from having an impact on their operations. Executives anticipate more cybersecurity…
APT29, a nation-state actor with ties to Russia, was discovered using Credential Roaming, a “lesser-known” Windows feature. In its attack on an undisclosed European diplomatic entity network. According to technical writing by Mandiant analyst Thibault Van Geluwe de Berlaere, “the…
In order to divert visitors to phoney Q&A discussion boards, hackers have compromised around 15,000 websites with huge black hat SEO campaigns (Google SEO poisoning campaign). Sucuri, who claims that each compromised site has about 20,000 files used in the…
Tehran hackers close the sophistication gap with social engineering The federal government cautions the healthcare industry to be on the lookout for Iranian threat actors disguising themselves as doctors, think tank researchers, or journalists. Tehran-backed hackers frequently use social engineering…
