Security News

Reddit is down in major outage blocking access to web, mobile apps
2023-03-14 19:49

Reddit is investigating a major outage that is blocking users worldwide from accessing the social network's website and mobile apps. According to its official status page, Reddit confirmed that its website and apps are currently down, and its engineers looking into the root cause of this outage.

Reddit down in outage that blocks access to web and mobile apps
2023-03-14 19:49

We and our store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products. With your permission we and our partners may use precise geolocation data and identification through device scanning.

GoBruteforcer: New Golang-Based Malware Breaches Web Servers Via Brute-Force Attacks
2023-03-14 12:02

A new Golang-based malware dubbed GoBruteforcer has been found targeting web servers running phpMyAdmin, MySQL, FTP, and Postgres to corral the devices into a botnet. The malware is mainly designed to single out Unix-like platforms running x86, x64 and ARM architectures, with GoBruteforcer attempting to obtain access via a brute-force attack using a list of credentials hard-coded into the binary.

Google One expands security features to all plans with dark web report, VPN access
2023-03-09 08:16

Secondly, introducing the dark web report in the U.S. will aid in better monitoring personal information.Google One has announced that VPN access will be expanded to all its plans, including the Basic plan that starts at $1.99/month.

Cisco patches critical Web UI RCE flaw in multiple IP phones
2023-03-01 18:28

Cisco has addressed a critical security vulnerability found in the Web UI of multiple IP Phone models that unauthenticated and remote attackers can exploit in remote code execution attacks. The security vulnerabilities were discovered by Zack Sanchez of the Cisco Advanced Security Initiatives Group during internal security testing.

CISA Issues Warning on Active Exploitation of ZK Java Web Framework Vulnerability
2023-02-28 06:42

The U.S. Cybersecurity and Infrastructure Security Agency has added a high-severity flaw affecting the ZK Framework to its Known Exploited Vulnerabilities catalog based on evidence of active exploitation. Tracked as CVE-2022-36537, the issue impacts ZK Framework versions 9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2, and 8.6.4.1, and allows threat actors to retrieve sensitive information via specially crafted requests.

How IT jobs and recruiting on the dark web might trick you
2023-02-09 21:28

According to Kaspersky's new research, this tech job recruiting environment is only an illusion - legal jobs are rare on the dark web. Why are some IT pros looking for jobs on the dark web?

SonicWall warns web content filtering is broken on Windows 11 22H2
2023-02-08 22:57

Security hardware manufacturer SonicWall warned customers today of what it describes as a "Limitation" of the web content filtering feature on Windows 11, version 22H2 systems. "We have identified an inconsistency in Capture Client Windows 3.7.6 and older clients on endpoints running Windows 11 version 22H2," the company said in an advisory published on Wednesday.

Metaverse adds new dimensions to Web 3.0 cybersecurity
2023-02-07 20:57

Metaverse poses risks for users and creators While cybersecurity leaders see risk, they're forging ahead Same as it ever was, but in 3D Like the web, metaverse comes with caveat emptor for users Brand reputation risks in 3D. The metaverse is evolving into a 3D digital world for buying, selling, recruiting and training, unbound by geography and currently without clear rules and regulations. There are two main security threats in the metaverse and web 3.0, according to John Tsangaris, technical security leader at infosec company Optiv.

Cybercrime job ads on the dark web pay up to $20k per month
2023-01-30 21:38

Cybercrime groups are increasingly running their operations as a business, promoting jobs on the dark web that offer developers and hackers competitive monthly salaries, paid time off, and paid sick leaves. In a new report by Kaspersky, which analyzed 200,000 job ads posted on 155 dark websites between March 2020 and June 2022, hacking groups and APT groups seek to hire mainly software developers, offering very competitive packages to entice them.