Stay up-to-date with the latest cybersecurity news and developments in the cybersecurity landscape. Be the first to know about the latest threats, current innovations, and major trends in the cyber universe. Check our Cyber News section for the freshest information.
In a surprising turn of events at the recent DEF CON hacking conference in Las Vegas, cybersecurity giant CrowdStrike was awarded the infamous ‘Most Epic Fail’ Pwnie Award. The company’s president, Michael Sentonas, personally accepted the award, demonstrating an unprecedented level of accountability in the cybersecurity industry. The Incident: A Global Windows Meltdown The award … Read more
Cybersecurity experts at Orca have uncovered a concerning new threat in the world of continuous integration and continuous deployment (CI/CD). Malicious actors are now exploiting GitHub Actions, a popular CI/CD platform, through a technique known as typosquatting. This tactic could potentially lead unsuspecting developers to execute malicious code or compromise their entire software supply chain. … Read more
Google’s Play Integrity API is ushering in a new era of Android app security and distribution control. This powerful tool, an evolution of the SafetyNet Attestation API, now offers developers unprecedented capabilities to verify app integrity and encourage official app store downloads. Understanding Play Integrity API The Play Integrity API serves as a robust security … Read more
Cybersecurity researchers from Israel have unveiled a groundbreaking attack method dubbed RAMBO (Radiation of Air-gapped Memory Bus for Offense), which exploits electromagnetic radiation emitted by computer memory to exfiltrate data from air-gapped systems. This innovative technique poses a significant threat to highly secure environments that rely on physical isolation for protection. Understanding Air-Gapped Systems and … Read more
A significant security flaw has been uncovered in WhatsApp’s “View Once” feature, potentially compromising the privacy of over 2 billion users worldwide. This vulnerability allows unauthorized access to supposedly self-destructing messages, raising serious concerns about the effectiveness of the app’s privacy measures. Understanding the “View Once” Feature Introduced three years ago, the “View Once” function … Read more
Cybersecurity researchers at ESET have uncovered a sophisticated new Android malware called NGate, capable of exploiting Near Field Communication (NFC) technology to steal money and clone access cards. This discovery highlights the evolving landscape of mobile threats and underscores the need for enhanced security measures among Android users. How NGate Works: A Multi-Stage Attack NGate … Read more
In a significant milestone for the cybersecurity community, the Flipper Zero team has unveiled their highly anticipated firmware version 1.0 after three years of meticulous development. This major update introduces a host of new features and improvements, solidifying Flipper Zero’s position as a versatile and powerful tool for security professionals and enthusiasts alike. Key Enhancements … Read more
A new cybersecurity threat is emerging in the world of mobile banking, as cybercriminals leverage Progressive Web Applications (PWAs) to conduct sophisticated phishing attacks. This trend, first observed in July 2023, poses a significant risk to both Android and iOS users, potentially compromising their sensitive financial information. Understanding Progressive Web Applications (PWAs) PWAs are cross-platform … Read more
Cybersecurity researchers at NinjaLab have uncovered a critical vulnerability in Infineon’s cryptographic library, used in numerous secure microcontrollers. This side-channel attack, dubbed EUCLEAK, has far-reaching implications for a wide range of products, including hardware security keys, electronic passports, and even smart cars. Understanding EUCLEAK: A Threat to Cryptographic Security EUCLEAK exploits a weakness in the … Read more
Cybersecurity experts at Trend Micro have uncovered a sophisticated malware campaign targeting users in the Middle East. The malicious software cleverly disguises itself as Palo Alto Networks’ GlobalProtect, a widely-used VPN tool, raising concerns about potential widespread corporate network infiltrations. The Deception: Malware Mimicking Trusted VPN Software While the initial attack vector remains unclear, researchers … Read more
