Security News > 2022 > July

Virtual pet website Neopets has suffered a data breach leading to the theft of source code and a database containing the personal information of over 69 million members. Neopets is a popular website where members can own, raise, and play games with their virtual pets.

Google has added support for the DNS-over-HTTP/3 protocol on Android 11 and later to increase the privacy of DNS queries while providing better performance. Roid previously supported DNS-over-TLS for version 9 and later to bolster DNS query privacy, but this system inevitably slowed down DNS requests due to the encryption overhead. Moreover, DoT requires a complete renegotiation of the new connection when changing networks.

Kremlin-backed criminals are trying to trick people into downloading Android malware by spoofing a Ukrainian military group, according to Google security researchers. The CyberAzov app promises to "Help stop Russian aggression against Ukraine" by deploying Denial of Service attacks against set Russian targets, according to the phony website.

Kremlin-backed criminals are trying to trick people into downloading Android malware by spoofing a Ukrainian military group, according to Google security researchers. The CyberAzov app promises to "Help stop Russian aggression against Ukraine" by deploying Denial of Service attacks against set Russian targets, according to the phony website.

Infosec boffins have released a tool to decrypt and unpack the microcode for a class of low-power Intel CPUs, opening up a way to look at how the chipmaker has implemented various security fixes and features as well as things like virtualization. Published Monday on GitHub, the Intel Microcode Decryptor is a collection of three Python scripts users can execute to decode the microcode - including the SGX XuCode - of certain Atom, Pentium, and Celeron CPUs based on Intel's Goldmont and Goldmont Plus microarchitectures.

Atlassian has patched a critical hardcoded credentials vulnerability in Confluence Server and Data Center that could let remote, unauthenticated attackers log into vulnerable, unpatched servers. According to Atlassian, the app helps improve communication with the organization's internal Q&A team and is currently installed on over 8,000 Confluence servers.

That's certainly the case for a troika of cybercriminals alleged to have been behind the infamous Gozi "Banking Trojan" malware, which first appeared in the late 2000s. Kuzmin, as we explained at the time, was effectively the COO of the group, hiring coders to create malware for the gang, and managing a bunch of cybercrime affiliates to deploy the malware and fleece victims - an operating model known as crimeware-as-a-service that is now used almost universally by ransomware gangs.

A scarily realistic-looking Google Search YouTube advertisement is redirecting visitors to tech support scams pretending to be security alerts from Windows Defender. Today, cybersecurity firm Malwarebytes disclosed that they discovered a "Major" malvertising campaign abusing Google ads.

Cisco has addressed severe vulnerabilities in the Cisco Nexus Dashboard data center management solution that can let remote attackers execute commands and perform actions with root or Administrator privileges. "A successful exploit could allow the attacker to perform actions with Administrator privileges on an affected device," Cisco explains.

The Google Workspace team announced today that it started rolling out a new method to block Google Calendar invitation spam, available to all customers, including legacy G Suite Basic and Business users."To help keep your Google Calendar free from spam, you can now select an option to display events on your calendar only if they come from a sender you know," the Google Workspace team said today.