Webinar: Learn How to Stop Encrypted Attacks Before They Cost You Millions Ransomware isn’t slowing down—it’s getting smarter. Encryption, designed to keep our online lives secure, is now being weaponized by cybercriminals to hide malware, steal data, and avoid detection.The result? A 10.3% surge in encrypted attacks over the past Read more…
Synology Urges Patch for Critical Zero-Click RCE Flaw Affecting Millions of NAS Devices Nov 05, 2024Ravie LakshmananVulnerability / Data Security Taiwanese network-attached storage (NAS) appliance maker Synology has addressed a critical security flaw impacting DiskStation and BeePhotos that could lead to remote code execution. Tracked as CVE-2024-10443 and dubbed RISK:STATION Read more…
Millions of mobile app users at risk from hardcoded creds • The Register An analysis of widely used mobile apps offered on Google Play and the Apple App Store has found hardcoded and unencrypted cloud service credentials, exposing millions of users to major security problems. The problem stems from lazy Read more…
Meta Fined €91 Million for Storing Millions of Facebook and Instagram Passwords in Plaintext Sep 30, 2024Ravie LakshmananGDPR / Data Privacy The Irish Data Protection Commission (DPC) has fined Meta €91 million ($101.56 million) as part of a probe into a security lapse in March 2019, when the company disclosed Read more…
Researcher Uncovers Flaws in Cox Modems, Potentially Impacting Millions Now-patched authorization bypass issues impacting Cox modems could have been abused as a starting point to gain unauthorized access to the devices and run malicious commands. “This series of vulnerabilities demonstrated a way in which a fully external attacker with no Read more…
Millions of Malicious 'Imageless' Containers Planted on Docker Hub Over 5 Years Cybersecurity researchers have discovered multiple campaigns targeting Docker Hub by planting millions of malicious “imageless” containers over the past five years, once again underscoring how open-source registries could pave the way for supply chain attacks. “Over four million of the repositories in Read more…
Dormakaba Locks Used in Millions of Hotel Rooms Could Be Cracked in Seconds Security vulnerabilities discovered in Dormakaba’s Saflok electronic RFID locks used in hotels could be weaponized by threat actors to forge keycards and stealthily slip into locked rooms. The shortcomings have been collectively named Unsaflok by researchers Lennert Wouters, Ian Read more…
Hackers Exploit Job Boards in APAC, Steal Data of Millions of Job Seekers Feb 06, 2024NewsroomDark Web / Cybercrime Employment agencies and retail companies chiefly located in the Asia-Pacific (APAC) region have been targeted by a previously undocumented threat actor known as ResumeLooters since early 2023 with the goal of Read more…
PixieFail UEFI Flaws Expose Millions of Computers to RCE, DoS, and Data Theft Jan 18, 2024NewsroomFirmware Security / Vulnerability Multiple security vulnerabilities have been disclosed in the TCP/IP network protocol stack of an open-source reference implementation of the Unified Extensible Firmware Interface (UEFI) specification used widely in modern computers. Collectively Read more…
18 Malicious Loan Apps Defraud Millions of Android Users Dec 11, 2023NewsroomData Security / Mobile Security Cybersecurity researchers have discovered 18 malicious loan apps for Android on the Google Play Store that have been collectively downloaded over 12 million times. “Despite their attractive appearance, these services are in fact designed Read more…