Microsoft Threat Intelligence experts say a threat group is associated with “QuaDream,” an Israeli-based private sector offensive actor (PSOA). It employed a zero-click exploit called END OF DAYS to compromise the iPhones of high-risk individuals. Reports say QuaDream sells a platform called REIGN to governments for use in law enforcement. A collection …
Read More »OpenAI Launched Bug Bounty Program – Rewards up to $20,000
It’s been almost half a year since the revolutionary ChatGPT was released. Amazingly, it reached 100 million users in just two months. ChatGPT has an unimaginable potential to answer things that need a lot of research. Due to its increasingly demanding usage, securing it from threat actors is also essential. The …
Read More »AI can crack half of common passwords in less than a minute
A new study by a cybersecurity firm has revealed that most commonly used passwords are vulnerable to artificial intelligence (AI) tools and can be cracked almost instantly. AI chatbots like ChatGPT have made it easier to perform tasks just by sending prompts. However, it seems these large tools are also …
Read More »Sophos Web Appliance Critical Flaw Let Attacker Execute Arbitrary Code
Sophos has released a new security advisory that has fixed 3 of its significant vulnerabilities, allowing threat actors to execute arbitrary code injection on Sophos Web Appliance (SWA). CVE(s): CVE-2023-1671 – Pre-Auth Command Injection CVE-2022-4934 – Post-Auth Command Injection CVE-2020-36692 – Reflected XSS via POST method CVE-2023-1671 – Pre-Auth Command Injection in Sophos …
Read More »Pay $20K To Infect Android Devices Via Google Play Store – Darkweb Report
In recent times, it has been observed by the security researchers at Kaspersky’s SecureList that the official Google Play store’s security has become increasingly vulnerable to the schemes of the threat actors. These shady actors have exploited various loopholes to develop tools that can effectively Trojanize the existing Android applications, making them …
Read More »12 Days to Pay Ransom: Palo Alto County Sheriff Office Ransomware Attack
The Palo Alto County Sheriff Office seems to have become the latest victim of a ransomware attack after hacker collective Play ransomware added it to its list. A deadline of 12 days to pay a ransom has been set by the ransomware group, following which they have threatened to publish the stolen …
Read More »Women Hold 25 Percent Of Cybersecurity Jobs Globally In 2022
Women hold 25 percent of cybersecurity jobs globally in 2022, up from 20 percent in 2019, and around 10 percent in 2013. We predict that women will represent 30 percent of the global cybersecurity workforce by 2025, and that will reach 35 percent by 2031. This goes beyond securing corporate …
Read More »New Scam Alerts Users About YouTube Altering Policy
A new YouTube phishing campaign is making rounds in the wild, urging users to read and accept so-called changes in YouTube’s rules and policies. What’s scary is that it abuses YouTube’s authentic email address to lure users into providing their credentials. What’s the new scam? YouTube has published a warning, stating …
Read More »Black Hat Asia 2023
The Black Hat Trainings offer attendees individual technical courses on topics ranging from the latest in penetration testing to exploiting web applications and even defending and building SCADA systems. Often designed exclusively for Black Hat, these hands-on attack and defense courses are taught by industry and subject matter experts from …
Read More »Telecom Cybersecurity UK & EU 2023
At Telecoms Cybersecurity UK & EU we will address how the sector is ensuring security by design and assurance as the communication backbone of digital security, IT, OT and IoT. As technology develops, our world grows, and as the threat landscape changes, cyber-attacks, specifically against the telecom industry, are on …
Read More »