FBI: Cyber-Criminals Are Purchasing Search Engine Ad Services to Launch Attacks
The FBI has warned that cyber-criminals are using search engine advertisement services to defraud the public. The public service announcement, issued on December 21, 2022, stated that threat actors are purchasing these ad services to impersonate brands for the purpose of luring users to malicious websites. These sites, which “look...
A Local Solution to A Global Problem: Why Cyber Security Operation Centres Should Be UK Based
Where you choose to base your SOC physically is a crucial yet underappreciated decision. The current financial environment has everyone money conscious, but many companies are still leaving themselves vulnerable to big pay-outs to cyber fraudsters. Cyber criminals earn three times the average salary of a FTSE 100 chief executive, according to a recent report. Even rookies are raking it in, taking home approximately £15,000 a month. The report found that if it was a country, the global fraud industry would be the third-biggest economy in the world, behind only the US and China.
Container Verification Bug Allows Malicious Images to Cloud Up Kubernetes
A high-severity security vulnerability in the Kyverno admission controller for container images could allow malicious actors to import a raft of nefarious code into cloud production environments. The Kyverno admission controller offers a signature-verification mechanism designed to ensure that only signed, validated container images are being pulled into a given...
Shoemaker Ecco leaks almost 60GB of customer data
Shoemaker Ecco has been operating a misconfigured database for more than a year, exposing a huge tranche of sensitive information to whoever knew where to look. This is according to a new report from Cybernews (opens in new tab), whose research team recently identified 50 Ecco indices exposed to the public. In total, the database has had more than 60GB of sensitive data that’s been available since June 2021.
McGraw Hill breach exposed 22 terabytes of sensitive student data
Facepalm: McGraw Hill is one of America’s “big three” educational publishers, with a growing technology business that sells services to host and facilitate online classes. As vpnMentor discovered, however, McGraw Hill didn’t receive a passing grade in security and decent opsec practices. Researchers at vpnMentor found...
Microsoft Patches Azure Cross-Tenant Data Access Flaw
Microsoft has silently fixed an important-severity security flaw in its Azure Container Service (ACS) after an external researcher warned that a buggy feature allowed cross-tenant network bypass attacks. The vulnerability, documented by researchers at Mnemonic, effectively removed the entire network and identity perimeter around internet-isolated Azure Cognitive Search instances and...
Hundreds of banks and crypto exchanges targeted by Android Godfather malware
Multiple cybersecurity firms have confirmed the existence of Godfather, an Android banking malware that has been found targeting victim’s bank and cryptocurrency accounts. Experts at Group-IB, ThreatFabric, and Cyble have all recently reported on Godfather, its targets, and methodologies, which sees the malware attempt to steal login data by overlaying legitimate banking and cryptocurrency apps (exchanges, wallets, and similar).
ByteDance admits using TikTok data to track journalists
TikTok parent company ByteDance revealed that several employees accessed the TikTok data of two journalists to investigate leaks of company information to the media. The employees of ByteDance, the China-based company that owns TikTok and its Chinese counterpart Douyin, accessed data from TikTok to track a Financial Times reporter and a former BuzzFeed reporter in a bid to identify the source of leaks to the media.
An Internet of Things technology: current tendencies in IoT outsourcing
Entrepreneurs are interested in involving and immersing their customers in the experience with their products. The Internet of Things is a modern technology that allows you to achieve a close interaction of the consumer with your digital products, expand the experience of users and make it brighter. Outsourcing IoT development is a service on demand among medium and large companies. The team of PNN Tech engineers will gladly share their experience on the topic.
NFT Scammers Luring Buyers With ‘Gasless Sales’ on OpenSea, Multiple ‘Apes’ Stolen: Harpie
OpenSea, the biggest NFT marketplace there is, constantly finds itself under threat from notorious cyber actors. A new kind of scam is looming over the visitors of OpenSea, that offers ‘gasless sales’ on the platform and eventually redirects the victims to phishing sites. Built on the blockchain tech, NFTs are digital collectibles that hold financial value and could also be used in metaverses. Web3 scammers are known to have been invading the NFT sector to churn big profits from one act of theft.
Threat Actors Use Known Excel Vulnerability
Microsoft Office files, particularly Excel and Word files, have been targeted by some cybercriminals for a long time. Through different techniques, attackers have used embedded Visual Basic for Applications macros to infect computers with different kinds of malware for cybercrime and cyberespionage. In most cases, users still needed to click...
CISA Guidance Highlights the Need for Total Network Observability
In the wake of the pandemic, global IT managed services are exploding in popularity. Grand View Research, Inc. predicts the market will reach $731 billion in revenue by 2030, with government-centered digital transformation initiatives helping drive that growth. As a result, the demand for services has made managed service providers (MSPs) a popular target for international cybercrime.
6 Best Data Saving Apps For Android Device Users
The majority of phone owners frequently experience a frustrating situation when we lose our data for no apparent reason. May it be because of unnecessary access to aps, updates, auto entry to websites, and many more reasons, we can agree that none of us likes spending extra money on mobile data.
5 Warning Signs That Your iPad Needs a Replacement
Does the iPad that you’ve been using for years suddenly feel quite old for modern times? Is your iPad struggling to keep up with apps and games? The sad reality is digital devices do not last forever. iPads don’t necessarily come with an expiration date. You can use it...
