What is InfoSec

US Critical Infrastructure Security Agency (CISA) adds critical CVE-2022-30525 RCE flaw in Zyxel Firewalls to its Known Exploited Vulnerabilities Catalog The U.S. Cybersecurity and Infrastructure Security Agency added the recently disclosed remote code execution bug, tracked as CVE-2022-30525, affecting Zyxel firewalls, to its Known Exploited Vulnerabilities Catalog. According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog. Experts recommend also private organizations review the Catalog and address……

 12,034 total views,  248 views today

More than 200 Android apps masquerading as fitness, photo editing, and puzzle apps have been observed distributing spyware called Facestealer to siphon user credentials and other valuable information. “Similar to Joker, another piece of mobile malware, Facestealer changes its code frequently, thus spawning many variants,” Trend Micro analysts Cifer Fang, Ford Quin, and Zhengyu Dong said in a new report. “Since its discovery, the spyware has continuously beleaguered Google Play.” Facestealer, first documented by Doctor Web in July 2021, refers to a group of fraudulent apps that invade the official app marketplace for Android with the goal……

 9,776 total views,  227 views today

HACKER Group Killnet have announced global cyber attacks against a number of countries – including the UK – for standing up to Vladimir Putin’s war in Ukraine. The other countries being targeted by the Russia-linked group are the US, Germany, Italy, Latvia, Romania, Lithuania, Estonia, Poland and Ukraine. The hacktivists claimed to have disrupted the infrastructure of Italy’s State Police anti-cyber crime arm after it thwarted hacking attempts on the Eurovision Song Contest. Hackers from the Killnet group announced in the early hours of Monday morning that claims made by……

 10,765 total views,  212 views today

The company’s transactional platforms were unavailable for a week following the incident in February. Brazilian e-commerce conglomerate Americanas.com reported a multimillion-dollar loss in sales in its financial results on Friday after a major cyberattack earlier this year. The company lost 923 million Brazilian reais ($183 million) in sales after two attacks that took place between February 19 and 20 and rendered its e-commerce operation unavailable. According to the company, physical stores continued to operate and the logistics arm of the company continued to deliver orders placed after the event. “In……

 9,679 total views,  137 views today

SentinelOne disclosed two high-severity vulnerabilities – tracked as CVE-2022-26522 and CVE-2022-26523 – that went undiscovered for years and affect the “Anti Rootkit” driver in security products from Avast and AVG.  The two anti-virus companies joined forces in 2016 when Avast bought AVG for about $1.3 billion. NortonLifeLock announced in 2021 that it reached an agreement to merge with the Czech antivirus maker in a stock-based deal that could be worth between $8.1 billion to $8.6 billion. On December 20, SentinelOne notified Avast of the two vulnerabilities that could lead to privilege escalation “by running code in the kernel……

 18,956 total views,  37 views today