Stay informed with Security World Trend Now! Discover the latest security trends, technologies, and strategies to protect your data, networks, and digital identity. Get expert insights and practical advice for ensuring your online safety. Explore now!
Dan Kaminsky Fellowship Diversifies Support for Human Rights Security Research The Human Security Dan Kaminsky Fellowship has added a new area of security research this year that aims to translate threat intelligence best practices to human rights and civil liberties. The fellowship supports Dr. Gillian “Gus” Andrews with financial and data resources to start formalizing…
Cybercriminals Now Have Access to Human-Assisted CAPTCHA-Breaking Services In recent times, the cyber-underground menu has added a new service, i.e., human-assisted CAPTCHA breaking functionality. This has raised concerns that website administrators must adopt additional measures to protect their websites from bots. CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) challenges are…
Spyware Disguised as Marketing SDK Found in 101 Android Applications The popular Android applications like Noizz, Zapya, VFly, and Biugo have been found to contain spyware disguised as a marketing software development kit (SDK) that could extract and report sensitive data from users’ devices without their consent. According to Doctor Web, the Russian antivirus vendor,…
Data from Section 702 of FISA Act Leads to State Department Warnings about North Korean IT Scams A senior official from the State Department revealed that the department used data obtained through Section 702 of the Foreign Intelligence Surveillance Act (FISA) to identify and warn international partners and U.S. businesses about North Korea’s use of…
SALT Finds Login Bug in Expo Authentication Process Researchers at the web coding security company SALT recently found an authentication bug termed as CVE-2023-28131 in the app-building toolkit, Expo, used by many popular online services. The bug was found in Expo’s Open Authorization Framework (OAUTH) service, which lets users access private data in an online…
Businesses in the Middle East targeted by cyberattacks Over the past few years, businesses in the Middle East have been facing a series of targeted cyberattacks using advanced techniques. Researchers at Fortinet have discovered an open source tool dubbed “Donut” and a variant of the Wintapix driver which have been used to carry out these…
US Government-Sponsored Dental Healthcare Provider MCNA Dental Falls Victim to a LockBit Ransomware Attack Managed Care of North America (MCNA) Dental, one of the largest providers of government-sponsored dental care in the US, has notified its nearly 9 million clients that their sensitive and personal data was exposed in a LockBit ransomware attack earlier this…
Government US intelligence agency to study cyber psychology to combat criminal hackers The United States’ intelligence community is turning its gaze towards the psychological weaknesses of criminal hackers to improve cybersecurity. The Intelligence Advanced Research Projects Activity (IARPA) is behind a new project, called Reimagining Security with Cyberpsychology-Informed Network Defenses (ReSCIND), aimed at studying hackers’…
PyPI to Enforce 2FA for All Project Maintainers The Python Package Index (PyPI) has become an important hub for the wider Python community that the repository serves. It provides an easy way to download and distribute various software packages, libraries, and frameworks. Nevertheless, this platform’s potential for damage is evident, as previously seen from the…
Vulnerabilities Discovered in PrinterLogic Enterprise Software PrinterLogic, a company specializing in enterprise management printer solutions, is the latest target of concern in the security community, as researchers have identified multiple vulnerabilities in its software platform. These vulnerabilities could lead to serious risks such as authentication bypass, SQL injection, and cross-site scripting, among others. This news…