Every day a lot of cyberattack happenings around the world including ransomware, Malware attack, data breaches, website defacement and so on. Its our daily security digest to cover the latest happenings in the world. Spend a bit time to read out todays update: # Warning on 500K French supermarket shoppers …
Read More »
SafetyDetectives researchers found that Microsoft Defender was tricked by malware which allowed cryptocurrency theft from a user while analyzing a misleading NFT game app that aimed to steal cryptocurrency. The application bypassed Google’s two-factor authentication, compromising the device and stealing over $24,000 in cryptocurrency. Researchers have found that this malware …
Read More »
A study by Censys found that more than 145,000 Industrial Control Systems (ICS) are exposed online in 175 countries, highlighting a significant security risk. The findings are alarming for the United States, which has over one-third of global exposures (48,000 systems). This shows a pressing need for improved cybersecurity in …
Read More »
Osaka-based showerhead maker Science Co. is developing a new version of human washing machine based on cutting-edge technology. The company plans to hold an expo in Osaka this April, offering a 15-minute “wash and dry” experience for up to eight people daily, but reservations are required. the company plans to …
Read More »
Over 2,000 Palo Alto Networks firewalls have been compromised in a widespread attack using two recently patched vulnerabilities (CVE-2024-0012 and CVE-2024-9474), according to Shadowserver Foundation’s internet scanning. Palo Alto Networks security researchers reported on Wednesday that they detected a “limited set of exploitation activity” involving two vulnerabilities in PAN-OS, the …
Read More »
Renowned cybersecurity researcher Jeremiah Fowler uncovered a non-password-protected database having over 1.1 million records linked to Conduitor Limited (Forces Penpals). This platform provides dating services and social networking for US and UK military personnel and their supporters. Jeremiah Fowler revealed that the publicly accessible database lacked password protection and encryption. …
Read More »
Trend Micro released a security update for Deep Security 20 Agent Manual Scan Command Injection RCE Vulnerability (CVE-2024-51503) that resolves a manual scan command injection remote code execution (RCE) vulnerability. On 18 November, Trend Micro released the update Severity rating level “High”, CVSS 3.0 score: 8.0. Vulnerability Details: CVE-2024-51503: Security …
Read More »
Apple released critical updates for its various products including for iOS, iPadOS, macOS, visionOS, and Safari to fix two zero-day vulnerabilities actively being exploited in the wild. The flaws are listed below: CVE-2024-44309 : A vulnerability in cookie handling that could allow a cross-site scripting (XSS) attack when processing harmful …
Read More »
Maxar Space Systems has verified a major data breach that exposed particular information of current and former workers. The breach in mid-October 2024 raised major cybersecurity concern after a hacker used a Hong Kong IP address to attack the company’s systems immorally. Maxar said, they discovered the breach on ‘October …
Read More »
A security vulnerability (CVE-2024-52308) in the GitHub Command Line Interface (CLI) could allow remote code execution on users’ devices. With a CVSS score of 8.1, this highlights the need for developers to stay vigilant with software updates and security measures. The vulnerability arises from how the gh CLI handles SSH …
Read More »
InfoSecBulletin Cybersecurity for mankind
