Cybersecurity Tips Every Indian Should Know in 2023
Cybersecurity is the practice of protecting systems, networks, and data from unauthorized access, use, disclosure, disruption, modification, or destruction. It is a complex and ever-evolving field, as cybercriminals continue to develop new and sophisticated methods of attack. Cybersecurity is important for everyone, but it is especially important for Indians. India is one of the fastest-growing […]
The Dark Web: A Hidden Danger or a Valuable Resource?
The dark web is like a hidden treasure chest on the internet, but beware, for it’s filled with both wonder and peril. Imagine a place where secrets are traded and shadows whisper in anonymity. Today, we’re embarking on a journey into this mysterious realm. Our guide? Real stories that will shine a light on why […]
€5.5 million fine imposed on WhatsApp for data protection violations
On Thursday, Ireland’s Data Protection Commission (DPC) fined Meta’s WhatsApp a new €5.5 million for violating data protection laws when processing users’ personal data. As a result of the ruling, the platform’s Terms of Service have been updated, requiring users to agree to the new terms in preparation for the General Data Protection Regulation (GDPR) […]
Android devices are being exploited by hackers with RATs
The threat actor behind the BlackRock and ERMAC Android banking trojans has unleashed yet another malware for rent called Hook that introduces new capabilities to access files stored on the devices and create a remote interactive session. ThreatFabric, in a report, characterized Hook as a novel ERMAC fork that’s advertised for sale for $7,000 per […]
Warning: Tainted VPNs are Distributing EyeSpy Monitoring Software
A compromised VPN installer is used to distribute surveillance software called EyeSpy as part of a malware campaign launched in May 2022. It uses “SecondEye’s component (a legitimate surveillance application) to spy on users of Iran-based VPN service, 20Speed VPN, via trojanized installers,” said Bitdefender in its analysis. The US Romanian cybersecurity firm added that […]
Synology releases patch for critical RCE vulnerability affecting VPN Plus servers
Synology has released a security update to address a critical vulnerability in VPN Plus Server that could be used to take over an affected system. The vulnerability registered as CVE-2022-43931 has a maximum severity of 10 in the CVSS rating and was described as a write out of bounds error in the Remote Desktop feature […]
APT hackers use malicious Excel add-ins as an initial breach vector
Microsoft’s decision to block Visual Basic for Applications (VBA) macros by default in Office files downloaded from the Internet has prompted many attackers to improvise attack chains in recent months. Today, according to Cisco Talo, advanced persistent threat (APT) actors and the commodity malware family are increasingly using Excel extension files (.XLL) as their primary […]
BrasDex is a new Android malware from Casbaneiro Actors
A new Android malware called BrasDex was exposed to users in Brazil as part of a multi-platform campaign. The malware targets a series of Brazilian applications and high-performance Automated Transfer System (ATS) engines in an ongoing multi-platform campaign. Diving into Details BrasDex, a trojan for Android, was developed by the attackers who created the Casbaneiro […]
Google takes Gmail security to the next level with client-side encryption
Google announced Friday that client-side encryption for Gmail is in beta for workspace and education customers. This is part of an effort to secure emails sent through her web version of the platform. This development comes at a time when online privacy and data security concerns are at an all-time high, and is a welcome […]
What developers need to deal with common vulnerabilities
Today’s threat landscape is constantly changing, and now more than ever, organizations and businesses across all industries have an urgent need to consistently produce and maintain secure software. While certain verticals – such as the financial sector – have been subject to regulatory and compliance requirements for some time, we are seeing increased attention towards […]