Top ethical hackers are currently competing in Tokyo. They have discovered nearly 40 zero-day vulnerabilities in Tesla and other products. The first car-focused Zero Day Initiative (ZDI) Pwn2Own contest takes place from January 24-26. ZDI is the world’s largest bug bounty program, encouraging ethical hackers to find and report vulnerabilities …
Read More »Pwn2Own Contest Tokyo
Bulletproof Hosting: A Critical Cybercriminal Service
Cybercriminals now offer services and products to other cybercriminals is a significant development in the last two decades. Cybercrime-as-a-service has made it easier for criminals to get into cybercrime, allowing them to specialize and commit crimes on a larger scale. For instance, instead of coding malware, a criminal can buy …
Read More »CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-22527 Atlassian Confluence Data Center and Server Template Injection Vulnerability CVE-2023-22527 Detail: A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE …
Read More »Bangladeshi hospital to wear heart ring through Robot
On Sunday (January 21) Bangladesh’s only specialized institution, National Institute of Cardiovascular Diseases, entered the era of robotic services by fitting free robotic rings in the main arteries of two heart patients. The work was completed very efficiently by the associate professor Dr. Pradeep Kumar Karmakar and his specialized team …
Read More »
Cybernews report
‘Mother of all Breaches’ sees 26billion records leaked online
A database of 26 billion leaked records has been discovered called the “Mother of all Breaches.” Cybersecurity researcher Bob Dyachenko and the team at Cybernews found a huge 12-terabyte leak. The database contains both credentials and sensitive data, but it’s not clear who is responsible for it. Having your personal …
Read More »CISA Releases Six Industrial Control Systems Advisories
CISA released 6 advisories for Industrial Control Systems (ICS) on January 23, 2024. These advisories share important information about security issues, vulnerabilities, and exploits related to ICS. ICSA-24-023-01 APsystems Energy Communication Unit (ECU-C) Power Control Software ICSA-24-023-02 Crestron AM-300 ICSA-24-023-03 Voltronic Power ViewPower Pro ICSA-23-023-04 Westermo Lynx 206-F2G ICSA-24-023-05 Lantronix …
Read More »
Medibank breach
Australia imposes sanctions on Russian hacker
Australia has imposed cyber sanctions on a Russian hacker for his alleged role in a 2022 ransomware attack. This is the country’s first use of this penalty. A cyberattack stole personal data from 9.7 million Medibank customers in Australia. The data includes names, birth dates, medical information, and Medicare numbers. …
Read More »Apple patches 2024’s first zero-day
Apple’s first zero-day of 2024 has been disclosed, with fixes pushed out for MacOS, iOS, and iPadOS. Apple describes CVE-2024-23222 as a type confusion bug in Webkit. They are aware of a report suggesting that this issue might have been exploited. “Processing maliciously crafted web content may lead to arbitrary …
Read More »
Swedish customers affected
Akira ransomware hits cloud service Tietoevry
A ransomware attack on a data center run by Finnish IT company Tietoevry has caused widespread outages in Sweden, affecting healthcare, government services, retail outlets, and the largest cinema chain in the country. Tietoevry, a publicly traded company based in Espoo, Finland, reported that an attack occurred over the weekend. …
Read More »“Cyber League” a new community of NCSC
The UK’s top cybersecurity agency NCSC will form a new group of experts to monitor current and future threats to the country. What is Cyber League? The Cyber League is a new initiative by the NCSC that brings together trusted cyber experts from the NCSC and industry. They aim to …
Read More »