Cybersecurity researchers have offered insight into a system known as Double Feature. The system tracks different stages of post-exploitation originating from the DanderSpiriz—a full-featured malware framework deployed by the Equation group. DanderSpirtz was first discovered on April 14, 2017; DanderSpritz…
Latest posts - Page 74
Web application attacks substantial rise
Imperva Research Lab’s study concluded that web application attacks are rising, on average, by 22% each quarter. The study examined nearly 4.7 million web application incidents. Further, the attacks have increasingly increased from Q2 2021 to Q3 2021— a 67.9% surge.…
Data Breach in West Virginia Hospital
Hackers targeted a hospital system in West Virginia; the attackers used a phishing attack for a data breach from the hospital’s system. Monongalia health system, which also operates Monongalia County General Hospital Company and Stonewall Jackson Memorial Hospital Company, stated…
Vulnerabilities let hackers control directory
Microsoft has pushed users to patch two security vulnerabilities in Active Directory domain controllers that it released in November. Microsoft has become active after a proof-ofo-concept video was made available on December 12. The two vulnerabilities—labeled as CVE-2021-42287— have been…
For selling data, Ukraine arrests 51 people
In a press release, Ukraine police stated that they arrested a 51-member group, for selling data of more than 300 million Americans and Europeans to hackers. Groups like the above are on the rise, and one must go beyond the…
Online Fraud: Passports, most forged IDs
An identity fraud report states that passports are now the most attacked identity document or online fraud among all the identity documents. Over the past year, Onfido’s 2022 Identity Fraud report, fraudsters have targeted passports more than any other identity…
Log4j vulnerability, risks emanating from it
Already existing codes and codes created from scratch Earlier, an author of software wrote each code from scratch for the software, but things have changed. Nowadays, it’s not an individual but teams that write codes for software. And the authors…
Facebook extends its bug bounty program
Meta Platforms, formerly known as Facebook, has announced that it’s scaling up its bug bounty program. The bug bounty program will start rewarding genuine reports of scraping vulnerabilities relating to its several platforms. “We know that automated activity designed to…
Notepad++ by Strongpity for malicious tool
Strongpity, a hacking group, is widely using malicious Notepad++ installers to target users in Belgium and Italy. The modus operandi is successful because of its ability to hide the malicious installer in a tool. An analyst called Blackorbird identified the…
Chrome patch for zero-day Vulnerability
Google released a patch for 5 vulnerabilities found in Chrome. One of the vulnerabilities was being exploited in the wild, and it was altogether the 17th vulnerability found this year in chrome. Labeled CVE-2021-4102, the flaw concerns a use-after-free bug…