Armis researchers have found three vulnerabilities in APC Smart-UPS devices; they call the vulnerabilities collectively TLStorm. APC stated it had sold more than 20…
Cybersecurity
Amazon’s Echo smart speakers can be hacked to issue self-commands
Academic researchers have uncovered a vulnerability in Amazon Echo smart speakers, which can be used to hack it. The hacker can use the speaker…
SharkBot malware spreading through fake antivirus app on Google Play store
Threat actors have used antivirus as their banking trojan cover to avoid detection by Google Play. The banking trojan is called SharkBot. SharkBot, similar…
Unpatched GitLab servers vulnerable
An old vulnerability (CVE-2021-22205) is being actively exploited for controlling on-premise Gitlab servers, Rapid7 researcher Jacob Baines remarks. What makes it worse is at…
Who’s behind the Stalkerware network of compromising several phones?
Developed states are backing spyware that can remotely hack into iPhones. Governments are buying and using these hacking tools to target dissent—journalists, activists and…
Pentest as a service Platform: What’s new with Bugdazz 2.0.1?
Pentest as a service platform helps to smoothly manage pentests. Bugdazz 2.0.1 has been released, and it has several improvements over its previous version.…
Data privacy bill: how individuals and companies are affected?
In 2017, the Indian Supreme Court held that the right to privacy was a fundamental right, and afterwards, the Indian Parliament drafted a data…
OpenSea’s users have reported losing $1.7 million in a phishing attack
OpenSea’s NFT marketplace vulnerability in the smart contract upgrade process exploited by malicious actors. The malicious actors executed a phishing attack against 17 users…
Hackers exploit unpatched Microsoft SQL using Cobalt Strike
Threat actors have targeted vulnerable internet-facing Microsft SQL (MS SQL) servers. The attacks entail planting the Cobalt Strike adversary simulation tool in the targeted…
Android vulnerabilities are being exploited to register disposable accounts
A study of SMS phone-verified account (PVA) services has revealed a rogue platform with a botnet underneath. The rogue platform has infected thousands of…