Most mobile app users tend to blindly trust that the apps they download from app stores are safe and secure. But that isn’t always the case. To demonstrate the pitfalls and identify vulnerabilities on a large scale, cybersecurity and machine intelligence company CloudSEK recently provided a platform called BeVigil where individuals can search and check…
Security Researcher Released PoC Exploit for High-severity Vulnerability in Microsoft Exchange | IT Security News 4. May 2021 Last week, security specialist Nguyen Jang has released technical information and proof-of-concept exploit (PoC) code for the severe flaw CVE-2021-28482 in Microsoft Exchange Server that could be used by hackers to perform code on vulnerable systems. The…
The Bill and Melinda Gates Foundation is likely to continue as now despite the couple announcing their divorce after 27 years of marriage, Dr Beth Breeze, director of the Centre for Philanthropy, at Kent University, said. “They have got a 21-year history in their foundation of giving sums larger than anyone has given historically, working…
New Pingback Malware Using ICMP Tunneling to Evade C&C Detection | IT Security News 4. May 2021 Researchers on Tuesday disclosed a novel malware that uses a variety of tricks to stay under the radar and evade detection, while stealthily capable of executing arbitrary commands on infected systems.Called ‘Pingback,’ the Windows malware leverages Internet Control…
The Alaska Court System (ACS) was forced to temporarily disconnect its online servers this week due to a cyberattack that installed malware on their systems, disrupting virtual court hearings. According to a statement put out by the ACS on Saturday, the court’s website had been taken offline and the ability to search court cases had…
Fraud Management & Cybercrime , Fraud Risk Management , Incident & Breach Response Faster Detection Is Good News, But More Speed Still Needed, Mandiant Reports Mathew J. Schwartz (euroinfosec) • May 3, 2021 Source: FireEye Mandiant “Dwell time,” which refers to how long hackers hang out in an organization’s network before being discovered,…
Artificial intelligence (AI) researcher, Joy Buolamwini, has spent the last four years raising awareness of the social implications and possible harm of the technology. Inspired by her own experiences of facial recognition tech she founded the Algorithmic Justice League and recently became the star of the Netflix documentary Coded Bias. BBC Click’s Spencer Kelly finds…
Ivanti, the company behind Pulse Secure VPN appliances, has released a security patch to remediate a critical security vulnerability that was found being actively exploited in the wild by at least two different threat actors. Tracked as CVE-2021-22893 (CVSS score 10), the flaw concerns “multiple use after free” issues in Pulse Connect Secure that could…
from the so-it-went dept Five Years Ago This week in 2016, the DOJ dropped one of its big cases over iPhone encryption after the defendant suddenly remembered his passcode, while documents revealed that the FBI hid surveillance techniques from federal prosecutors in case they one day became defense lawyers. The FBI was also planning to…
In 2018, industry and academic researchers revealed a potentially devastating hardware flaw that made computers and other devices worldwide vulnerable to attack. Researchers named the vulnerability Spectre because the flaw was built into modern computer processors that get their speed from a technique called “speculative execution,” in which the processor predicts instructions it might end up executing…
