Collaborate Disseminate
Social engineering is a tactic where the attacker influences the victim to obtain valuable information. Office employees are targeted to reveal confidential data about a corporation while non-specialists can come under the radar to disclose their credi… Continue reading 6 Tips to Prevent Social Engineering
Last week, the team behind LastPass, a password manager website, released an update to patch a security vulnerability that exposes credentials entered by the users on a previously visited site. This vulnerability would let the websites steal credential… Continue reading LastPass patched a security vulnerability from the extensions generated on pop-up windows
Researchers from Skylight Cyber, an Australian cybersecurity enterprise, have tricked Blackberry Cylance’s AI-based antivirus product. They identified a peculiar bias of the antivirus product towards a specific game engine and bypassed it to tric… Continue reading A universal bypass tricks Cylance AI antivirus into accepting all top 10 Malware revealing a new attack surface for machine learning based security
Yesterday, Google Calendar was down for nearly three hours around the world. Calendar users that were trying to access the service faced a 404 error message through their browsers from around 10 AM ET to 12:40 PM ET. Google updated the service details … Continue reading Google Calendar was down for nearly three hours after a major outage
Earlier this month, Cisco announced a critical vulnerability in its Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software. This vulnerability allows an unauthenticated, remote attacker to connect to the affected system with th… Continue reading Cisco reports critical vulnerabilities in Nexus 9000 data center switches, PI software, and EPN manager
Today, Google announced a security bug in its Bluetooth Low Energy (BLE) Titan Security Keys. This issue is due to a misconfiguration in the Titan Security Keys’ Bluetooth pairing protocols, which is currently affecting the BLE versions in the U…. Continue reading Google to provide a free replacement key for its compromised Bluetooth Low Energy (BLE) Titan Security Keys
Microsoft has taken steps to release security updates for unsupported but still widely-used Windows operating systems like XP and Windows 2003. The company took this move as a part of its May 14 Patch Tuesday, due to the discovery of a “wormable&… Continue reading Microsoft releases security updates: a “wormable” threat similar to WannaCry ransomware discovered
This week, NATIONAL VULNERABILITY DATABASE (NVD) identified an integer overflow flaw in libssh2 before the release of version 1.8.1 which could lead to an out of bounds write. A remote attacker could take advantage of this flaw to compromise an SSH ser… Continue reading Facebook confessed another data breach; says it “unintentionally uploaded” 1.5 million email contacts without consent
Yesterday the team at Mozilla announced that the company is receiving hundreds of bug reports and feature requests from Firefox users on a daily basis. The team noted that it’s important to get the bugs fixed as soon as possible for the smooth fu… Continue reading Mozilla developers have built BugBug which uses machine learning to triage Firefox bugs
Microsoft made a series of new announcements, earlier this week. These include a new Microsoft Defender ATP for Mac, a first fully automated DNA data storage system, and the Revived Microsoft Office Assistant, Clippy. Microsoft Defender ATP for Ma… Continue reading Microsoft announces: Microsoft Defender ATP for Mac, a fully automated DNA data storage, and revived office assistant Clippy