Log4j news – On 28th December 2021, another vulnerability affecting the Log4j logging library was discovered. The vulnerability is labelled CVE-2021-44832. The vulnerability CVE-2021-44832 affects versions 2.17.0 and before. The vulnerability was assumed to be patched, but it wasn’t. The…
Cybersecurity researchers have offered insight into a system known as Double Feature. The system tracks different stages of post-exploitation originating from the DanderSpiriz—a full-featured malware framework deployed by the Equation group. DanderSpirtz was first discovered on April 14, 2017; DanderSpritz…
Imperva Research Lab’s study concluded that web application attacks are rising, on average, by 22% each quarter. The study examined nearly 4.7 million web application incidents. Further, the attacks have increasingly increased from Q2 2021 to Q3 2021— a 67.9% surge.…
Hackers targeted a hospital system in West Virginia; the attackers used a phishing attack for a data breach from the hospital’s system. Monongalia health system, which also operates Monongalia County General Hospital Company and Stonewall Jackson Memorial Hospital Company, stated…
Microsoft has pushed users to patch two security vulnerabilities in Active Directory domain controllers that it released in November. Microsoft has become active after a proof-ofo-concept video was made available on December 12. The two vulnerabilities—labeled as CVE-2021-42287— have been…
In a press release, Ukraine police stated that they arrested a 51-member group, for selling data of more than 300 million Americans and Europeans to hackers. Groups like the above are on the rise, and one must go beyond the…
An identity fraud report states that passports are now the most attacked identity document or online fraud among all the identity documents. Over the past year, Onfido’s 2022 Identity Fraud report, fraudsters have targeted passports more than any other identity…
Already existing codes and codes created from scratch Earlier, an author of software wrote each code from scratch for the software, but things have changed. Nowadays, it’s not an individual but teams that write codes for software. And the authors…
Meta Platforms, formerly known as Facebook, has announced that it’s scaling up its bug bounty program. The bug bounty program will start rewarding genuine reports of scraping vulnerabilities relating to its several platforms. “We know that automated activity designed to…
Strongpity, a hacking group, is widely using malicious Notepad++ installers to target users in Belgium and Italy. The modus operandi is successful because of its ability to hide the malicious installer in a tool. An analyst called Blackorbird identified the…
