2023-05-30 - Security World Trend Now

The Dark Side of Online Shopping: Human-Assisted CAPTCHA-Cracking Services Fuel Shopper Bots

Morgan Sarah2 years ago07 mins

Cybercriminals Now Have Access to Human-Assisted CAPTCHA-Breaking Services In recent times, the cyber-underground menu has added a new service, i.e., human-assisted CAPTCHA breaking functionality. This has raised concerns that website administrators must adopt additional measures to protect their websites from bots. CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) challenges are…

The Skyrocketing Menace of Spyware: Over 400 Million Apps Downloaded Through Google Play

Nguyen Michael2 years ago07 mins

Spyware Disguised as Marketing SDK Found in 101 Android Applications The popular Android applications like Noizz, Zapya, VFly, and Biugo have been found to contain spyware disguised as a marketing software development kit (SDK) that could extract and report sensitive data from users’ devices without their consent. According to Doctor Web, the Russian antivirus vendor,…

The Consequences of Section 702 Data: State Department Warns of North Korean IT Scams

Morgan Sarah2 years ago06 mins

Data from Section 702 of FISA Act Leads to State Department Warnings about North Korean IT Scams A senior official from the State Department revealed that the department used data obtained through Section 702 of the Foreign Intelligence Surveillance Act (FISA) to identify and warn international partners and U.S. businesses about North Korea’s use of…

The Importance of Verification: Analyzing an OAUTH Login Bug

Morgan Sarah2 years ago08 mins

SALT Finds Login Bug in Expo Authentication Process Researchers at the web coding security company SALT recently found an authentication bug termed as CVE-2023-28131 in the app-building toolkit, Expo, used by many popular online services. The bug was found in Expo’s Open Authorization Framework (OAUTH) service, which lets users access private data in an online…

The Growing Shadow of Undetected Cyber Attacks in the Middle East

Patel Maya2 years ago07 mins

Businesses in the Middle East targeted by cyberattacks Over the past few years, businesses in the Middle East have been facing a series of targeted cyberattacks using advanced techniques. Researchers at Fortinet have discovered an open source tool dubbed “Donut” and a variant of the Wintapix driver which have been used to carry out these…

The Impact of LockBit Attack on MCNA Dental: An Editorial Review

Patel Maya2 years ago08 mins

US Government-Sponsored Dental Healthcare Provider MCNA Dental Falls Victim to a LockBit Ransomware Attack Managed Care of North America (MCNA) Dental, one of the largest providers of government-sponsored dental care in the US, has notified its nearly 9 million clients that their sensitive and personal data was exposed in a LockBit ransomware attack earlier this…

US intelligence agencies turn to cyber psychology to combat criminal hackers

Patel Maya2 years ago07 mins

Government US intelligence agency to study cyber psychology to combat criminal hackers The United States’ intelligence community is turning its gaze towards the psychological weaknesses of criminal hackers to improve cybersecurity. The Intelligence Advanced Research Projects Activity (IARPA) is behind a new project, called Reimagining Security with Cyberpsychology-Informed Network Defenses (ReSCIND), aimed at studying hackers’…

“Why PyPI’s Mandatory 2FA for Maintainers is a Positive Step in Enhancing Security”

Reynolds Alex2 years ago08 mins

PyPI to Enforce 2FA for All Project Maintainers The Python Package Index (PyPI) has become an important hub for the wider Python community that the repository serves. It provides an easy way to download and distribute various software packages, libraries, and frameworks. Nevertheless, this platform’s potential for damage is evident, as previously seen from the…

Risks and Remedies: Assessing the Implications of Multiple Vulnerabilities in PrinterLogic Enterprise Software

Reynolds Alex2 years ago06 mins

Vulnerabilities Discovered in PrinterLogic Enterprise Software PrinterLogic, a company specializing in enterprise management printer solutions, is the latest target of concern in the security community, as researchers have identified multiple vulnerabilities in its software platform. These vulnerabilities could lead to serious risks such as authentication bypass, SQL injection, and cross-site scripting, among others. This news…

“MCNA Ransomware Attack Highlights Urgent Need for Stronger Cybersecurity Measures”

Emma Thompson2 years ago06 mins

Data Breaches Personal Information of 9 Million Individuals Stolen in MCNA Ransomware Attack Overview of the Incident MCNA, one of the largest dental benefits managers in the US, announced that it suffered a data breach earlier this year. This cyber-attack between February 26 and March 7 has compromised the personal information of around nine million…