Nearly 1,900 Signal users’ phone numbers were made public as a result of the data breach Twilio, a cloud communications provider, had at the beginning of the month. For Signal, Twilio offers phone number verification services. Last week, the company…
Latest posts - Page 43
Discord Desktop – Remote Code Execution
Discord RCE Because Discord was being used for their Prototype Pollution study collaboration, the electrovolt team made the decision to pwn it. Since Discord uses ElectronJS for its desktop application, they must admit that at the time they started studying…
The Issue Of Cloud Isolation Is That Several Cloud Companies Are Impacted By PostgreSQL Flaws
How PostgreSQL-as-a-Service solutions from GCP, Azure, and other providers were found to have numerous connected vulnerabilities. The cloud has an isolation problem Tenant isolation is a core tenet of the cloud, and Wiz Research did substantial research on it over…
Three Microsoft-Signed Boot Loaders Have UEFI Secure Boot Bypasses, According To Researchers.
Unsigned third-party Unified Extensible Firmware Interface (UEFI) boot loaders that allow bypassing of the UEFI Secure Boot feature have been found to have a security feature bypass vulnerability. Hardware security company Eclypsium stated in a report shared with The Hacker…
GoTestWAF Expands API Attack Testing With Support For OpenAPI
Attendees at Black Hat USA have learned that the popular open-source hacking tool GoTestWAF has developed into the first utility of its kind to assess API security platforms. The security testing tool, which was introduced in April 2020, mimics OWASP…
Hackers Exploited Crypto Platform RenBridge To Launder $540 mn: Reports
More than half a billion dollars have been laundered in crypto assets originating from theft, fraud, ransomware and various other types of criminal activity since 2020, a new report has revealed The report by Blockchain analysis group Elliptic said one…
Supply Chain Cybersecurity: Everyone’s Responsibility
This week, I had a conversation with a new client who revealed that they are eager to solve various internal problems relating to their IT systems. They explained how their company has been negatively impacted by service failures and delays…
A New Hacker Forum Adopts A Pro-Ukrainian Position
The only aim of the politically motivated website DUMPS is threatening behavior against Russia and Belarus. Researchers have discovered that a new hacker forum is adopting an unusual political position to support Ukraine in its conflict with Russia by exclusively…
How A Security Concern Was Caused By An IP Address Compromise At The DRDO Missile Lab
The Defence Research and Development Organization (DRDO), which is in charge of the nation’s missile development projects, suffered a significant breach that the Indian security establishment discovered, exposing security grid flaws. The breach involved the misappropriation of the company’s extremely…
DeathStalker’s VileRAT Continues to Target Foreign and Crypto Exchanges
The menace actor regarded as DeathStalker has continued to goal and disrupt foreign and cryptocurrency exchanges around the planet in the course of 2022 utilizing the VileRAT malware, in accordance with security researchers from Kaspersky. The findings are in-depth in…