Security Researcher Exposes Critical WHOIS Vulnerability

In Brief: Benjamin Harris, CEO of watchTowr, successfully manufactured fake HTTP certificates, tracked email activity, and executed code of his choice on thousands of servers for $20. He registered the domain dotmobregistry.net, which was previously the authoritative WHOIS server for .mobi. He observed the domain’s expiration and set up his own .mobi WHOIS server there, …

Nexus Android banking botnet – compromising C&C panels and dissecting mobile AppInjects

This article highlighted how researchers explored a security vulnerability in the Nexus Android botnet’s command and control (C&C) panel. The security researcher exploited the vulnerability to compromise the C&C panel and gain valuable threat intelligence. The article also highlighted the model of mobile AppInjects, which is used to gain knowledge of overlay …

Vulnerabilities in E2EE Cloud Storage

During ACM CCS 2024, held October 14-18, 2024, researchers from ETH Zurich, Jonas Hofmann and Kien Tuong Truong, indicated severe security flaws in the end-to-end encryption (E2EE) systems of several cloud storage service providers. These flaws can pose a significant threat to user information and undermine the promised security standards of those providers. The research …

Game Freak’s Teraleak

In a bizarre turn of events, Game Freak, the developer behind the popular Pokémon game series, has fallen victim to a massive cyberattack, resulting in the leak of decades of information. The leak, known as “Teraleak,” includes sensitive game-related details from the early days of Pokémon, such as unreleased content, game development assets, financial records, …

TRELLO DATA BREACH: PRECAUTIONARY STEPS FOR AFFECTED VICTIMS

In other news, a popular project management tool from Atlassian, Trello, just experienced a serious data breach. According to reports from Hackread.com, the hacker whose alias is “Emo” recently leaked this data on a cybercrime platform called “Breach Forums,” where it was confirmed that a staggering 21.1GB of customer information was lost in this breach. …

The ClickFix Social Engineering Tactic

In May 2024, a new social engineering tactic called ClickFix emerged, which involves displaying fake error messages in web browsers to deceive users into copying and executing a given malicious PowerShell command. Proofpoint researchers[1], who named this tactic ClickFix, reported that the initial access broker TA571 leveraged it in email phishing campaigns …

Calgary Public Library’s Cyber Attack

What happened? On Oct 11th 2024, all 22 locations of public libraries across Calgary were shut down amid a cyber-attack. Early news reports suspected a ransomware attack endangering the public’s crucial data at the hands of attackers. Why was the library targeted? “Libraries are a rich target, and the reason that they’re rich target …

Iranian Cyber Actors Target Critical Infrastructure Sectors

Brute force attacks are currently on the rise and constantly evolving. The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and others released an advisory on October 16, 2024, warning several large organizations, and especially critical infrastructure sectors, about the ongoing brute force attacks being carried out by some Iranian cyber …

Generative AI used in developing malware

“OpenAI says it has disrupted 20-plus foreign influence networks in past year”[4] It was only a matter of time before analysts and researchers found AI-generated malware in the wild. Last month, a report published by HP Wolf Security[5] highlighted that malicious code had been detected in recent email campaigns targeting French users to deliver AsyncRAT …

France’s Grand Palais discloses cyberattack during Olympic games

On Saturday night, August 3, 2024, the Grand Palais Réunion des musées nationaux (Rmn) in France fell victim to a cyberattack, raising concerns about the security of cultural institutions amid ongoing digital threats. The Grand Palais Rmn is a significant institution responsible for managing various museums and cultural …