CyberManipal.
Tech news from MIST
Latest
Latest news from CyberManipal, that matters.
Page 2
RESEARCH AND DEVELOPMENT
Hackers use rogue websites to attack organizations with lateral phishing
2 years ago
Microsoft has disclosed details of phishing campaigns used to target organizations by using stolen credentials to register on devices on the victim's network and spread spam emails to increase the infection pool. Microsoft also said that the attack occurs through the accounts that were not secured using multi-factor authentication (... Read more
Microsoft has disclosed details of phishing campaigns used to target organizations by using stolen credentials... Read more
RESEARCH AND DEVELOPMENT
India Eyeing Self Developed OS to Rival iOS and Android
2 years ago
The the Ministry of Electronics and Information Technology has announced that the Government is planning to promote the creation of an "indigenous" mobile Operating System to compete with iOS and Android. India is an increasingly important market to Apple, but it continues to face fierce competition from Android... Read more
The the Ministry of Electronics and Information Technology has announced that the Government... Read more
BREACHES
Hackers Exploited MSHTML Flaw to Spy on Government and Defense Targets
2 years ago
On Tuesday, 25th January 2022, cybersecurity researchers Tuesday took the wraps off a multi-stage espionage campaign targeting high-ranking government officials overseeing national security policy and individuals in the defense industry in Western Asia. Trellix, a new company created following the merger of security firms McAfee Enterprise and FireEye, said that... Read more
On Tuesday, 25th January 2022, cybersecurity researchers Tuesday took the wraps off a multi-stage espionage... Read more
VULNERABILITIES
High-Severity Vulnerability in 3 WordPress plug-ins affected 84,000 websites
2 years ago
Researchers have disclosed a security shortcoming affecting three different WordPress plugins that impact over 84,000 websites and could be abused by a malicious actor to take over vulnerable sites. Login/Signup Popup is installed on over 20,000 sites, while Side Cart Woocommerce and Waitlist Woocommerce have been installed on more than... Read more
Researchers have disclosed a security shortcoming affecting three different WordPress plugins that impact over 84,000... Read more
VULNERABILITIES
Dark Web's Largest Marketplace for Stolen Credit Cards Shuts Down
2 years ago
UniCC is shuttering its operations after earning $358 million in purchases since 2013 using cryptocurrencies such as Bitcoin, Litecoin, Ether, and Dash. It's the most prominent dark web marketplace for stolen credit and debit cards. The team gave its users ten days to spend their balances and warned them to... Read more
UniCC is shuttering its operations after earning $358 million in purchases since 2013 using cryptocurrencies... Read more
VULNERABILITIES
Microsoft fixes Y2K22 Exchange bug that disrupted email worldwide on New Years
2 years ago
The turn of the new year triggered errors in Microsoft Exchange mail servers, causing thousands of emails around the world not to get sent and staying stuck on email transport queues causing entire servers to crash. The server administration community dubbed this bug “Y2K22” due to its similarity to the... Read more
The turn of the new year triggered errors in Microsoft Exchange mail servers, causing thousands... Read more
VULNERABILITIES
Cloud services used to distribute Netwire, Nanocore, and AsycnRat Malware
2 years ago
Malicious attackers have been using public cloud services from Amazon and Microsoft in their campaigns to deliver remote access trojans or RATS and use them to steal sensitive information from compromised systems. Employing existing infrastructure to support invasions is becoming more common. It eliminates the need for attackers to run... Read more
Malicious attackers have been using public cloud services from Amazon and Microsoft in their campaigns... Read more
VULNERABILITIES
New Apache Log4j Update Released to Patch Newly Discovered Vulnerability
3 years ago
Log4j is a popular Java library developed by the open-source Apache Software Foundation. Developers use it to log error messages in apps and cloud services such as Minecraft, Steam, and Apple iCloud. This software is publicly accessible and collects and stores activity records on a server. This week, Apache released... Read more
Log4j is a popular Java library developed by the open-source Apache Software Foundation. Developers use... Read more
BREACHES
Unexplained PII compromised by Ripta Data Breach
3 years ago
Data breach compromising Peronsal Identifiable Information (PII) including the names, social security numbers, addresses, birthdates, Medicare information, health insurance member identification numbers, and claims information of a disputed number of individuals, was disclosed by The Rhode Island Public Transit Authority (RIPTA). It was first detected on August 5, 2021. The... Read more
Data breach compromising Peronsal Identifiable Information (PII) including the names, social security numbers, addresses, birthdates,... Read more
BREACHES
Android apps affected by the Joker malware
3 years ago
The Joker malware has infected at least 14 Android apps, as founded by an analyst at Cybersecurity firm Kaspersky named Tatyana Shishkova. It was first discovered in 2017 and had been a major challenge for Google to tackle it back. An alert has been issued by the mobile security solutions... Read more
The Joker malware has infected at least 14 Android apps, as founded by an analyst... Read more
