Tag: Cybersecurity

New F5 BIG-IP Vulnerabilities Exploited In The Wild

F5 discloses two vulnerabilities in BIG-IP; CISA claims they're already exploited in the wild

Two new vulnerabilities in F5 BIG-IP reportedly allow for remote code execution and SQL injection. The company explains it as a bad input validation. The worst part though is that both vulnerabilities were probably exploited in real-world attacks. F5 BIG-IP Vulnerabilities Allows SQL Injection and Remote Code Execution On October 26, 2023, F5 published two… Continue reading New F5 BIG-IP Vulnerabilities Exploited In The Wild

WeChat and Kaspersky Ban in Canada – What You Should Know?

Canada bans WeChat and Kaspersky on government devices due to privacy and security concerns

The Canadian government has instituted a ban on the use of WeChat and Kaspersky applications on government-issued mobile devices, effective October 30, 2023. The decision, which has raised considerable attention, stems from what the Canadian government has deemed an “unacceptable level of risk.” WeChat and Kaspersky products are Banned in Canada The Canadian government, like… Continue reading WeChat and Kaspersky Ban in Canada – What You Should Know?

Octo Tempest Threat Actor – The Most Dangerous Cybercrime Gang?

Octo Tempest stands as one of the most perilous financial hacking groups in the cybersecurity landscape, posing significant threats to organizations worldwide.

Octo Tempest, a financially-motivated hacking group, has been labeled “one of the most dangerous financial criminal groups” by Microsoft. Known as UNC3944 and 0ktapus, the group has gained attention for bold cyber attacks. What is Octo Tempest Cybercrime Gang? Octo Tempest’s journey into the world of cybercrime is an intriguing one. Only a few months… Continue reading Octo Tempest Threat Actor – The Most Dangerous Cybercrime Gang?

IoT Malware Attacks Grow by 400% in 2023

Hacking into your computer or smartphone is a thing of the past. Today, cybercriminals are hacking into the IoT.

IoT malware has been a major concern over the last decade. However, trends show that things are turning even worse – recent ZScaler research shows a 400% growth in IoT malware attacks in 2023 only. And most likely, it will become worse. Massive jump in attacks on IoT infrastructure According to the study, the number… Continue reading IoT Malware Attacks Grow by 400% in 2023

What is Android:TrojanSMS-PA detection?

Huawei users massively complain on the Google app being detected as Android:TrojanSMS-PA

Android:TrojanSMS-PA is a detection name from a built-in Huawei security tool. This particular name recently appeared as a detection of the Google app on Huawei devices. However, this name is not a 100% false positive, and here is why. What is Android:TrojanSMS-PA? As I said, Android:TrojanSMS-PA detection name is one of hundreds used by an… Continue reading What is Android:TrojanSMS-PA detection?

VMware Releases Patch for Critical vCenter Server RCE Vulnerability

VMware released a patch for a critical vulnerability CVE-2023-34048, which has a maximum CVSSv3 score of 9.8

VMware has released a patch for a critical vulnerability in the vCenter Server with a high CVSS score. This vulnerability allows a remote unauthorized user to execute arbitrary code on a target system. RCE In VMWare vCenter Server Receives a Fix On October 25, 2023, VMware released a patch for a critical vulnerability CVE-2023-34048, which… Continue reading VMware Releases Patch for Critical vCenter Server RCE Vulnerability

1Password Hacked Following the Okta Hack

Upon Okta support dept being compromised, 1Password reports about a related security issue

Recent security breach in the 2FA provider Okta appears to affect some of its clients. Among others, a password management service 1Password reported about the “suspicious activity” that is most likely related to the situation in Okta. What happened to Okta? At the end of October 2023, Okta released a notification on social media about… Continue reading 1Password Hacked Following the Okta Hack

Skype & Microsoft Teams Spam Spreads DarkGate Loader

DarkGate Loader malware resurges, now spreading through Microsoft Teams and Skype.

Over the past few years, DarkGate has been relatively inactive. However, several campaign deployments have been detected this year across the Americas, Asia, the Middle East, and Africa. They started to aim at Microsoft apps, such as Skype and Teams, for spreading to target systems. What is DarkGate Loader? DarkGate Loader is a type of… Continue reading Skype & Microsoft Teams Spam Spreads DarkGate Loader

Fake Amazon and Microsoft Tech Support call centers busted

India has declared war on fake tech support services, extorting money from users worldwide.

Amazon and Microsoft are partnering with CBI to crack down on multiple tech support call centers scams across India. These call centers target customers of Amazon and Microsoft, two of the largest companies in the tech industry, and have defrauded more than 2,000 Amazon and Microsoft customers, mainly in the US. Fake Amazon and Microsoft… Continue reading Fake Amazon and Microsoft Tech Support call centers busted

“Professional Hacker” Email Scam

Hackers use different patterst to scam people, but some have become obscenely popular.

Among hundreds of different types of scam emails, there is a specific scary one that bothers people around the world. Known as “Professional Hacker” scam email, it claims that an illusory hacker has accessed your PC and gathered whatever information, including capturing videos through the web camera. The message is accompanied by a ransom demand… Continue reading “Professional Hacker” Email Scam