Researchers have disclosed details of a now-patched security vulnerability in GitLab, an open-source DevOps software, that could potentially allow a remote, unauthenticated attacker to recover user-related information. Tracked as CVE-2021-4191 (CVSS score: 5.3), the medium-severity flaw affects all versions of…
Latest posts - Page 68
Hackers Leaked DLSS Source Code Online Who Broke Into NVIDIA’s Network
NVIDIA an American chipmaking company, on Tuesday confirmed that its network was breached as a result of a cyber attack, enabling the perpetrators to gain access to sensitive data, including source code purportedly associated with its Deep Learning Super Sampling…
Cybersecurity Bill to Strengthen Critical Infrastructure Security Passed by Senate of United States.
The U.S. Senate unanimously passed the “Strengthening American Cybersecurity Act” on Tuesday in an attempt to bolster the cybersecurity of critical infrastructure owners in the country. The new bipartisan legislation, among other things, stipulates entities that experience a cyber incident…
Again The TeaBot Trojan Haunts Through Google Play Store
Malicious Google Play apps have circumvented censorship by hiding trojans in software updates.The TeaBot banking trojan – also known as Anatsa – has been spotted on the Google Play store, researchers from Cleafy have discovered. The malware – designed to intercept…
New method circumvents Spectre-V2 mitigation in Intel, AMD processors
A new method to evade hardware mitigations in AMD, Intel, and Arm processors has been discovered by researchers. The processors can be subject to speculative execution attacks like Spectre, resulting in data pilfering from host memory. Spectre and similar attacks…
DDOs Threat actor targets website with 2.5 million requests
Attackers are relentlessly attacking targets with ransom notes and manipulating the stock price of targeted companies. These notes were part of a string_of_text directed to CEOs. Recently, a DDoS ransomware threat actor has brought down a single website with up…
A raft of APC Smart-UPS devices vulnerable to attacks
Armis researchers have found three vulnerabilities in APC Smart-UPS devices; they call the vulnerabilities collectively TLStorm. APC stated it had sold more than 20 million UPS devices globally; Armis shared data that points to 80% of companies being vulnerable to…
Amazon’s Echo smart speakers can be hacked to issue self-commands
Academic researchers have uncovered a vulnerability in Amazon Echo smart speakers, which can be used to hack it. The hacker can use the speaker to make unwanted commands like unlock doors, make phone calls and unauthorized purchases, and control furnaces,…
SharkBot malware spreading through fake antivirus app on Google Play store
Threat actors have used antivirus as their banking trojan cover to avoid detection by Google Play. The banking trojan is called SharkBot. SharkBot, similar to other malware TeaBot, FluBot, and Oscorp (UBEL), falls under the financial trojan category. It can…
RuRAT campaign using innovative methods to get inside the system
RuRAT malware is being installed as part of a malicious drive; the malware allows remote access to affected devices. The attackers are masking as a venture capital firm looking to invest money or buy the victim’s site. An IP address…