5 July 2022

Cybersecurity News

Cyber Security News, Information Security News, CyberSecurity Analysis, Breaking Cyber Security News. Exploit & Vulnerability News. Data Breach News Today.

British Army ’s Twitter, YouTube accounts were compromised to promote crypto scams British Army ’s Twitter, YouTube accounts were compromised to promote crypto scams
2 min read

British Army ’s Twitter, YouTube accounts were compromised to promote crypto scams

RiSec.Steve 5 July 2022
Threat actors compromised the Twitter and YouTube accounts of the British Army to promote online crypto scams. The Twitter and YouTube accounts of the British Army were used to promote NFT and other crypto scams. The YouTube account was used to transmit an older Elon Musk clip that attempts to trick users into visiting cryptocurrency scam sites. The attackers hijacked the verified Twitter account of the British Army, changed the profile images, and renamed it to ‘pssssd.’ At this time it is not clear how the attackers compromised the accounts simultaneously...
Continue Reading
Google Claims Half of all Zero-Day Bugs Are Due to Poor Patches Zero-day
2 min read

Google Claims Half of all Zero-Day Bugs Are Due to Poor Patches

RiSec.Mitch 5 July 2022
Google Project Zero noted a total of 18 zero-day bugs this year, so far. Researchers at Google Project Zero noted that half of the zero-day bugs found in H1 2022 – that were exploited before a patch was publicly available – can be avoided if concerned software vendors made better testing of their patches. Also, there have been four zero-day bugs spotted that were just the variants of previously released patches – produced by hackers. Some of the 18 zero-day bugs they noted today were from Google’s own Chrome...
Continue Reading
10+ Cyber security statistics that every business should know Cyber security statistics
4 min read

10+ Cyber security statistics that every business should know

RiSec.Steve 2 July 2022
Though the information age has revolutionized the way we work, it has also directly resulted in businesses becoming susceptible to cyber attacks. In recent years, the COVID-19 pandemic has changed the way we work, even more, resulting in many of us working from home full-time. With such an unexpected and colossal shift, cyber crime skyrocketed. Working from home may be beneficial for some businesses, but most homes have weaker security measures, leaving data ripe for targeting. It is essential that companies provide their employees with information or training on...
Continue Reading
Many wireless peripherals are vulnerable to a range of attacks, here’s an example! Many wireless peripherals are vulnerable to a range of attacks, here's an example!
3 min read

Many wireless peripherals are vulnerable to a range of attacks, here’s an example!

RiSec.Mitch 2 July 2022
Wireless peripherals and computer accessories offer mess-free convenience in the workspace, allowing users to move keyboards and mice to a more comfortable or visually pleasing position or to switch between computers at the press of a button. However, unlike other types of USB devices that IT departments vet – such as USB flash drives, card readers, fingerprint sensors, and authentication devices – wireless keyboards and mice might not receive a high level of scrutiny. Wireless devices typically are not chosen and used with security in mind, and a surprising...
Continue Reading
Fixing indirect vulnerabilities without breaking your dependency tree Fixing indirect vulnerabilities without breaking your dependency tree
5 min read

Fixing indirect vulnerabilities without breaking your dependency tree

RiSec.Mitch 2 July 2022
Fixing indirect vulnerabilities is one of those complex, tedious and, quite frankly, boring tasks that no one really wants to touch. No one except for Debricked, it seems. Sure, there are lots of ways to do it manually, but can it be done automatically with minimal risk of breaking changes? The Debricked team decided to find out. A forest full of fragile trees So, where do you even start? Firstly, there needs to be a way to fix the vulnerability, which, for indirect dependencies, is no walk in the park....
Continue Reading
Google Improves Password Manager to Boost Security google
2 min read

Google Improves Password Manager to Boost Security

RiSec.Mitch 2 July 2022
Google announced a slew of improvements to its password manager service aimed at creating a more consistent look and feel across different platforms. Central to the changes is a “simplified and unified management experience that’s the same in Chrome and Android settings,” Ali Sarraf, Google Chrome product manager, said in a blog post. The updates are also expected to automatically group multiple passwords for the same sites as well as introduce an option to manually add passwords. Although Google appears to be not ready yet to make Password Manager as a standalone app,...
Continue Reading
YTStealer Malware Targets Accounts of YouTube Content Creators cybersecurity news
3 min read

YTStealer Malware Targets Accounts of YouTube Content Creators

RiSec.Mitch 29 June 2022
Cybersecurity researchers have documented a new information-stealing malware that targets YouTube content creators by plundering their authentication cookies. Dubbed “YTStealer” by Intezer, the malicious tool is likely believed to be sold as a service on the dark web, with it distributed using fake installers that also drop RedLine Stealer and Vidar. “What sets YTStealer aside from other stealers sold on the dark web market is that it is solely focused on harvesting credentials for one single service instead of grabbing everything it can get ahold of,” security researcher Joakim...
Continue Reading
Weblizar 8.9 Backdoor – WordPress Plugin Weblizar 8.9 Backdoor - WordPress Plugin
4 min read

Weblizar 8.9 Backdoor – WordPress Plugin

RiSec.Steve 27 June 2022
The premium version of School Management, a plugin schools use to operate and manage their websites, has contained the backdoor since at least version 8.9, researchers at website security service Jetpack said in a blog post without ruling out that it had been present in earlier versions. This page from a third-party site shows that version 8.9 was released last August. Obvious backdoor Jetpack said it discovered the backdoor after support team members at WordPress.com reported finding heavily obfuscated code on several sites that used School Management Pro. After deobfuscating it, they realized that...
Continue Reading
Horizon Offers $1M Bounty to Hackers Who Stole $100M An artist's representation of the Horizon bridge (Source: Harmony)
5 min read

Horizon Offers $1M Bounty to Hackers Who Stole $100M

RiSec.Steve 27 June 2022
Blockchain company Harmony has offered a $1 million bounty to hackers who stole $100 million worth of Ethereum tokens. It also says it won’t push for criminal charges if the funds are returned. The Horizon bridge is a cross-chain protocol connecting the Ethereum, Binance and Harmony blockchains. It allows the transfers of cryptocurrencies, stablecoins and non-fungible tokens between the Harmony blockchain and the other networks, DataBreachToday.co.uk Reports The company has attempted to contact the hackers via a transaction to their Ethereum wallet address, Harmony tells Information Security Media Group. At the...
Continue Reading
Fake copyright infringement emails install LockBit ransomware LockBiit logo
3 min read

Fake copyright infringement emails install LockBit ransomware

RiSec.Mitch 27 June 2022
LockBit ransomware affiliates are using an interesting trick to get people into infecting their devices by disguising their malware as copyright claims. The recipients of these emails are warned about a copyright violation, allegedly having used media files without the creator’s license. These emails demand that the recipient remove the infringing content from their websites, or they will face legal action, reports BleepingComputer Reports The emails, spotted by analysts at AhnLab, Korea, do not determine which files were unfairly used in the body and instead tell the recipient to download...
Continue Reading

You may have missed

British Army ’s Twitter, YouTube accounts were compromised to promote crypto scams British Army ’s Twitter, YouTube accounts were compromised to promote crypto scams
2 min read

British Army ’s Twitter, YouTube accounts were compromised to promote crypto scams

5 July 2022
Google Claims Half of all Zero-Day Bugs Are Due to Poor Patches Zero-day
2 min read

Google Claims Half of all Zero-Day Bugs Are Due to Poor Patches

5 July 2022
10+ Cyber security statistics that every business should know Cyber security statistics
4 min read

10+ Cyber security statistics that every business should know

2 July 2022
Many wireless peripherals are vulnerable to a range of attacks, here’s an example! Many wireless peripherals are vulnerable to a range of attacks, here's an example!
3 min read

Many wireless peripherals are vulnerable to a range of attacks, here’s an example!

2 July 2022
en English
af Afrikaanssq Albanianam Amharicar Arabichy Armenianaz Azerbaijanieu Basquebe Belarusianbn Bengalibs Bosnianbg Bulgarianca Catalanceb Cebuanony Chichewazh-CN Chinese (Simplified)zh-TW Chinese (Traditional)co Corsicanhr Croatiancs Czechda Danishnl Dutchen Englisheo Esperantoet Estoniantl Filipinofi Finnishfr Frenchfy Frisiangl Galicianka Georgiande Germanel Greekgu Gujaratiht Haitian Creoleha Hausahaw Hawaiianiw Hebrewhi Hindihmn Hmonghu Hungarianis Icelandicig Igboid Indonesianga Irishit Italianja Japanesejw Javanesekn Kannadakk Kazakhkm Khmerko Koreanku Kurdish (Kurmanji)ky Kyrgyzlo Laola Latinlv Latvianlt Lithuanianlb Luxembourgishmk Macedonianmg Malagasyms Malayml Malayalammt Maltesemi Maorimr Marathimn Mongolianmy Myanmar (Burmese)ne Nepalino Norwegianps Pashtofa Persianpl Polishpt Portuguesepa Punjabiro Romanianru Russiansm Samoangd Scottish Gaelicsr Serbianst Sesothosn Shonasd Sindhisi Sinhalask Slovaksl Slovenianso Somalies Spanishsu Sudanesesw Swahilisv Swedishtg Tajikta Tamilte Teluguth Thaitr Turkishuk Ukrainianur Urduuz Uzbekvi Vietnamesecy Welshxh Xhosayi Yiddishyo Yorubazu Zulu