Stay up-to-date with the latest cybersecurity news and developments in the cybersecurity landscape. Be the first to know about the latest threats, current innovations, and major trends in the cyber universe. Check our Cyber News section for the freshest information.
A significant security flaw has been uncovered in WhatsApp’s “View Once” feature, potentially compromising the privacy of over 2 billion users worldwide. This vulnerability allows unauthorized access to supposedly self-destructing messages, raising serious concerns about the effectiveness of the app’s privacy measures. Understanding the “View Once” Feature Introduced three years ago, the “View Once” function … Read more
Cybersecurity researchers at ESET have uncovered a sophisticated new Android malware called NGate, capable of exploiting Near Field Communication (NFC) technology to steal money and clone access cards. This discovery highlights the evolving landscape of mobile threats and underscores the need for enhanced security measures among Android users. How NGate Works: A Multi-Stage Attack NGate … Read more
In a significant milestone for the cybersecurity community, the Flipper Zero team has unveiled their highly anticipated firmware version 1.0 after three years of meticulous development. This major update introduces a host of new features and improvements, solidifying Flipper Zero’s position as a versatile and powerful tool for security professionals and enthusiasts alike. Key Enhancements … Read more
A new cybersecurity threat is emerging in the world of mobile banking, as cybercriminals leverage Progressive Web Applications (PWAs) to conduct sophisticated phishing attacks. This trend, first observed in July 2023, poses a significant risk to both Android and iOS users, potentially compromising their sensitive financial information. Understanding Progressive Web Applications (PWAs) PWAs are cross-platform … Read more
Cybersecurity researchers at NinjaLab have uncovered a critical vulnerability in Infineon’s cryptographic library, used in numerous secure microcontrollers. This side-channel attack, dubbed EUCLEAK, has far-reaching implications for a wide range of products, including hardware security keys, electronic passports, and even smart cars. Understanding EUCLEAK: A Threat to Cryptographic Security EUCLEAK exploits a weakness in the … Read more
Cybersecurity experts at Trend Micro have uncovered a sophisticated malware campaign targeting users in the Middle East. The malicious software cleverly disguises itself as Palo Alto Networks’ GlobalProtect, a widely-used VPN tool, raising concerns about potential widespread corporate network infiltrations. The Deception: Malware Mimicking Trusted VPN Software While the initial attack vector remains unclear, researchers … Read more
Microsoft has issued an urgent warning to users about a critical TCP/IP vulnerability that could allow remote code execution on affected systems. This high-severity flaw, identified as CVE-2024-38063, impacts all Windows systems with IPv6 protocol enabled by default, putting millions of devices at risk. Understanding the Vulnerability The vulnerability, discovered by researchers at Kunlun Lab, … Read more
Google has released its monthly Android security update, addressing a total of 34 vulnerabilities across various versions of the mobile operating system. The most notable fix in this patch is for CVE-2024-32896, a critical vulnerability that has been actively exploited by threat actors and was previously patched only for Pixel devices. Understanding CVE-2024-32896: A Serious … Read more
The cybersecurity landscape is witnessing a significant evolution of the Quad7 botnet, as reported by Sekoia analysts. Initially known for targeting TP-Link and ASUS routers, Quad7 has now expanded its reach to include Zyxel VPN devices, Ruckus wireless routers, and Axentra media servers. This expansion marks a concerning development in the botnet’s capabilities and potential … Read more
Microsoft has unveiled a sophisticated cyber campaign orchestrated by North Korean threat actors, exploiting a recently patched Google Chrome zero-day vulnerability (CVE-2024-7971) to deploy the notorious FudModule rootkit. This revelation underscores the persistent threat posed by state-sponsored hacking groups to the global financial sector, particularly cryptocurrency organizations. Citrine Sleet: The Culprit Behind the Attacks Microsoft … Read more
