Tuesday, April 1 2025

International

Sophos updated RCE fix after attacks on unsupported firewalls

Sophos had to update old firewall firmware versions to address a security vulnerability (CVE-2022-3236) after they were attacked by hackers. There is a code injection flaw in the User Portal and Webadmin of Sophos Firewall. This flaw allows for remote code execution. …

Bypassing major EDRs using “POOL PARTY”, hackers revealed

Researchers at cybersecurity firm SafeBreach created a new method called Pool Party. This method allows attackers to bypass EDR solutions. The researchers presented Pool Party at Black Hat Europe 2023. The experts discovered a new way to inject processes by using Windows thread pools. Researchers found eight new process injection …

Apache fixed critical RCE flaw CVE-2023-50164 in Struts 2

The Apache Software Foundation fixed a critical file upload vulnerability in the Struts 2 open-source framework. This flaw, tracked as CVE-2023-50164, could allow remote code execution. An attacker can manipulate file upload parameters to upload a malicious file and execute code on the server. “An attacker can manipulate file upload …

Mid-sized Canadian firms pay an average $1.13 million to ransomware gangs

A recent survey found that mid-sized Canadian companies paid an average of just over $1 million in ransomware payments this year. On Thursday, the results of a survey conducted by Palo Alto Networks were released. The survey involved IT professionals from 1,000 organizations with employee numbers ranging from 100 to …

LockBit claims to have hit Citizens Bank of West Virginia

The LockBit ransomware group claims to have carried out a cyber attack on the Citizens Bank of West Virginia. The group posted on Twitter: “Just another greedy company that puts their own money above client’s privacy”. The hackers set a deadline of December 9, 2023 for their demands; otherwise the data will be published. But …

Governments spying on Apple, Google users through push notifications

Some governments have asked Apple and Google for the push notification records of their users in order to track down certain individuals. This information comes from U.S. Senator Ron Wyden. “Push notifications are alerts sent by phone apps to users’ smartphones,” Wyden said. Senator Ron Wyden wrote a letter to …

INTERPOL biometric tool to capture most wanted criminals

INTERPOL, the world’s largest international police organization, unveiled its new enhanced BioHub. This system, powered by IDEMIA’s advanced multibiometric identification system (MBIS), is expected to transform global law enforcement capabilities. MBIS 5 is the latest version, released in October 2023. It has new algorithms that improve matching accuracy, reduce response …

RDRS to assist agencies in discovering non-public registration data

ICANN introduced RDRS to make it easier to request nonpublic registration data for gTLDs. This new ICANN service will help law enforcement find domain owners’ private information and data. ICANN-approved registrars have to hide personal information in public records. This makes it difficult to access the information …

15,000 Go Module Repositories on GitHub Vulnerable to Repojacking Attack

15,000 Go module repositories on GitHub are vulnerable to repojacking attacks, according to new research. VulnCheck chief technology officer Jacob Baines shared a report with a renowned newspaper in which he said, “More than 9,000 repositories are vulnerable to repojacking due to GitHub username changes,” “More than 6,000 repositories were vulnerable to …