Deepfake is a rising concern in the world of cyber security as it creates hyper-realistic audio, video which could trick people and even machines to be easily manipulated into thinking it as real and authentic and hence causing several consequences of scams and frauds such as impersonation and spreading misinformation. By smoothly fusing facts and …
Continue reading ““Fake Faces, Real Threats: Understanding Deepfakes in Cybersecurity” “
In January 2025, the U.S. Securities and Exchange Commission (SEC) took a decisive action against Ashford Inc., a Dallas-based asset management firm primarily serving the hospitality industry, for its failure to disclose critical details about a cyberattack that compromised sensitive information of approximately 46,000 hotel guests [3][5]. A copy of the SEC’s January 13, 2025, …
Continue reading “Cybersecurity Transparency: The SEC’s Action Against Ashford Inc.”
In November of 2024, a bootkit.efi hash was uploaded to the Virus Total database by an anonymous source (1), to which researchers at ESET uncovered that this binary pertained to the first of its kind: a UEFI Bootkit written not for Windows, but for Linux (2). Through their analysis, ESET determined that the application, titled …
Continue reading “Bootkitty: The First UEFI Bootkit for Linux”
A recent data breach has revealed how popular apps (Tinder, Grindr, Candy Crush etc.) may have unknowingly participated in the harvesting of sensitive location data.[1] The data was collected through the advertising ecosystem and even the app developers might not have been aware of it. This breach, which involved location data company Gravy Analytics, reveals …
Continue reading “Millions of location data were hacked from Gravy Analytics”
Cybercriminals, including those of Portuguese origin operating out of Brazil, Asia-based threat actors using advertiser accounts from Hong Kong, and a threat actor group of Eastern Europeans, are using Google search advertisements to promote phishing sites that steal advertisers’ credentials for the Google Ads platform and utilize it to push out malvertising campaigns. 1 How …
Hello everyone! I’m proud to announce the completion of my project: MG-GA. As a heavily documented, C++ application, it serves as a teaching aid to better understand not only the MinGen algorithm, but also the general ideas of Brute-Force and Genetic Algorithms alongside ways that they can be optimized. The GitHub repository is available at …
Introduction Mobile malware remains one of the greatest threats in the world of technology today with many unscrupulous apps bobbing up from time to time. A prime example is the recent FireScam Android app which impersonates the popular messaging platform Telegram. The fraudulent software has been developed to steal sensitive user data and it’s dangerous …
Continue reading “FireScam Android Malware: A New Threat Disguised as Telegram”
The Lazarus Group, a North Korea-linked hacking organization known for high-profile cyberattacks like the WannaCry ransomware, has launched a new operation called Operation 99. This campaign targets software developers in the Web3 and cryptocurrency sectors, aiming to steal sensitive information and deploy malware. According to Ryan Sherstobitoff, Senior Vice President at SecurityScorecard, the attack starts …
In January 2025, Apple settled a major class action lawsuit for $95 million over privacy concerns with its Siri virtual assistant. The lawsuit had been brewing for years and was centered around allegations that Siri was secretly collecting data, possibly even eavesdropping. If you’re a regular Siri user on your iPhone or iPad, this news …
In the digital age, a single compromised password can unleash a tornado of privacy risks. On a chilly October morning in 2024, Pacific Pulmonary Medical Group discovered a nightmare scenario that would send chills down every patient’s spine: their sensitive medical data had been exposed, laying bare the fragile digital defences of modern healthcare. This …
Powered by UCalgary
The views, information, or opinions expressed on this site are solely those of the individual(s) involved and do not necessarily represent the position of the University of Calgary as an institution.
Website Terms & Conditions | Privacy Policy | Copyright © 2024
