Google Project Zero reveals six “interactionless” bugs that can affect iOS via Apple’s iMessage

Yesterday, two members of the Google Project Zero team revealed about six “interactionless” security bugs that can affect iOS by exploiting the iMessage Client. Four of these bugs can execute malicious code on a remote iOS device, without a…

Ex-Amazon employee hacks Capital One’s firewall to access its Amazon S3 database; 100m US and 60m Canadian users affected

Capital One Financial Corp., one of the largest banks in the United States, has been subject to a massive data breach affecting 100 million customers in the U.S. and an additional 6 million in Canada. Capital One said the hacker exploited a configuratio…

Kazakhstan government intercepts nationwide HTTPS traffic to re-encrypt with a govt-issued root certificate – Cyber-security or Cyber-surveillance?

On Wednesday, July 17, 2019, the Kazakhstan government started intercepting internet traffic within its borders. The government further instructed all the ISPs to force their users to install a government-issued root certificate by Quaznet Trust N…

EU’s satellite navigation system, Galileo, suffers major outage; nears 100 hours of downtime

Europe’s satellite navigation system, Galileo, has been suffering a major outage since July 11, nearing 100 hours of downtime, due to a “technical incident related to its ground infrastructure”, according to the European GNSS (Global Naviga…

Apple patched vulnerability in Mac’s Zoom Client; plans to address ‘video on by default’

After the recent disclosure of the vulnerability in Mac’s Zoom Client, Apple was quick to patch the vulnerable component. On July 9, the same day that security researcher Jonathan Leitschuh revealed the vulnerability publicly, Apple released a p…

A zero-day vulnerability on Mac Zoom Client allows hackers to enable users’ camera, leaving 750k companies exposed

A vulnerability in Mac’s Zoom Client allows any malicious website to initiate users’ camera and forcibly join a Zoom call without their authority. This vulnerability was publicly disclosed by security researcher Jonathan Leitschuh today. …

Unprotected Elasticsearch database exposes 2 billion user records from smart home devices

Security researchers Noam Rotem and Ran Locar from vpnMentor recently revealed in their report that a Shenzhen-based Chinese IoT management platform company, Orvibo, exposed its user database online without any password protection. The Elasticsearch …

YouTube’s ban on “instructional hacking and phishing” videos receives backlash from the infosec community

A month ago, in June, the company said in a blog post, “The openness of YouTube’s platform has helped creativity and access to information thrive. It’s our responsibility to protect that, and prevent our platform from being used to in…

Telegram faces massive DDoS attack; suspects link to the ongoing Hong Kong protests

Telegram’s founder Pavel Durov shared his suspicion that the recent massive DDoS attack on his messaging service was made by the Chinese government. He also stated that this attack coincides with the ongoing Hong Kong protests where protesters us…

Google researcher reveals an unpatched bug in Windows’ cryptographic library that can quickly “take down a windows fleet”

Tavis Ormandy, a vulnerability researcher at Google, uncovered a security issue in SymCrypt, the core cryptographic library for Windows, which the Microsoft team is still trying to fix. Ormandy says that if the vulnerability is exploited in a denial of…