Archive
Attack on Indian Ed Tech Firm Exposes 687K Users
An Indian ed tech provider suffered a serious data breach months ago impacting hundreds of thousands of customers, but is only now informing them of the incident. Vedantu offers a real-time online learning environment for teachers and students from its
Hackers Changing the Main Attack Vector from RDP Compromise to Botnets For Network Breach
The ransomware evolution re-shaping the cyber domain, starting from 2019 the ransomware attacks against high-profile public and corporate networks by making criminal alliances. In 2018, threat actors behind GandCrab ransomware launched their Ransomware-as-a-Service which shifts the paradigm and turns the
UK Launches Cyberhood Watch
Community safety organization Neighbourhood Watch has established a cyber-safety initiative to help Brits protect themselves and their families from online crime. The UK’s largest voluntary movement teamed up with antivirus brand Avast to create the UK Cyberhood Watch. Formed in
DarkUniverse – The Mysterious APT Framework #27
In April 2017, ShadowBrokers published their well-known ‘Lost in Translation’ leak, which, among other things, contained an interesting script that checked for traces of other APTs in the compromised system. In 2018, we found an APT described as the 27th
NTT DATA-owned firm Everis is one of Spain’s largest managed service providers (MSP), it has suffered a ransomware attack, and it was not the only case. Systems at Spain’s largest managed service providers (MSP) Everis have been infected by a
The popular rConfig network configuration management utility is affected by two critical remote code execution flaws that have yet to be patched. rConfig is a completely open-source, network configuration management utility used to validate and manage network devices, including switches,
Expert Marco Ramilli and his team analyzed the sample that infected systems at the Kudankulam Nuclear Power Plant, it is a targeted attack. During the past few days a cyber attack hit Kudankulam Nuclear Power Plant: the largest nuclear power
Malware delivery trends change every day. For the last few years, we have observed various hacker groups like ( APT12 to Turla ) uses various techniques to deliver malware on the system or network. One of the best technique hackers
Security researchers spotted the first mass cyberattack campaign exploiting BlueKeep RDP Flaw to install a cryptocurrency miner on the vulnerable installations. Bluekeep(CVE-2019-0708) is a wormable critical RCE vulnerability in Remote desktop services that let hackers access the vulnerable machine without
A Pentagon advisory board has published a set of guidelines on the ethical use of artificial intelligence (AI) during warfare. In “AI Principles: Recommendations on the Ethical Use of Artificial Intelligence by the Department of Defense,” the Defense Innovation Board
WP Hardening – A Free WordPress Security Plugin to Perform Real-time Security Audit On Your WordPress Site
An average WordPress owner does not know what to do to ensure their WordPress’s security. Those who do know still does not imply. We tried to find the reason behind this erratic behavior. And the results, while not completely unexpected
2 Unpatched Critical RCE Bug Disclosed in Open Source Network Configuration Utility rConfig
Two unpatched remote command execution vulnerabilities have been identified in popular open-source network management system rConfig. Rconfig was written in PHP, a utility used by network engineers to record snapshots of the devices and to monitor device configurations for policy
Android Dropper App Infects 45K Devices
A malicious Android app that displays advertisements and facilitates the download of additional malicious apps has infected over 45,000 devices in six months. Researchers at Symantec observed a surge in detections of the Xhelper app, which has mainly been targeting
Midwest to Get First Cyber Battalion
America’s Midwest is to get its first National Guard cyber battalion. The 127th Cyber Battalion will comprise 100 soldiers, who will be based in Indiana. Before taking up their new command, the soldiers will head to the Muscatatuck Urban Training
Proofpoint has entered into a definitive agreement to acquire ObserveIT for $225m. Extending its data loss prevention (DLP) capabilities with the acquisition of the insider threat management provider, Proofpoint said that the combination of ObserveIT’s lightweight endpoint agent technology and
Global Registrar Web.com Suffers Major Breach
A global internet registrar with millions of customers has admitted suffering a data breach in August which exposed user account information. US-based Web.com, and subsidiaries Network Solutions and Register.com, discovered on October 16 that they were hit by an attack