Pro-Russian Killnet group hits UK organizations with DDoS attacks

pro-russian-killnet-group-hits-uk-organizations-with-ddos-attacks

On November 22nd, in the early hours of the morning, Prince William’s website was reportedly attacked by a Russian hacking group Killnet. In a message posted on Telegram, Killnet stated the reason for the attack to be UK’s continued support for Ukraine. Killnet said it had conducted the attack “due to the supply of high-precision […]

Retired Software Exploited To Target Power Grids, Microsoft

retired-software-exploited-to-target-power-grids,-microsoft

A recent alarming report by Microsoft reveals the risks attached to common Internet of Things (IoT) devices using the discontinued Boa web server. Hackers are exploiting vulnerabilities in the software to target organizations in the energy sector. On Tuesday, Microsoft researchers revealed in an analysis their discovery of a vulnerable open-source component in the Boa […]

34 Russian Hacking Groups Stole 50 Million User Passwords

34-russian-hacking-groups-stole-50-million-user-passwords

Group-IB security researchers have warned about an ongoing password-stealing spree initiated by Russian-speaking hacking groups. According to the Singapore-based cybersecurity giant, thirty-four groups were detected using off-the-shelf info stealers to target unsuspecting users. Here are more details of their findings. Russian Hackers Stealing Passwords Cybersecurity firm Group-IB states that the 34 Russian hacking groups are […]

Medical Software Firm exposes vulnerable children’s sensitive data

medical-software-firm-exposes-vulnerable-children’s-sensitive-data

Security researcher Jeremiah Fowler in collaboration with Website Planet’s team of researchers discovered an unprotected database containing more than 16,000 records. What’s worse, the misconfigured database contained sensitive personally identifiable information (PII) of thousands of children. Fowler noted that the misconfigured database contained highly sensitive PII, including the names of parents and children, dates of […]

How Development Teams Should Respond to Text4Shell

how-development-teams-should-respond-to-text4shell

A family moves into their dream home, only to be plagued by ominous letters, a strange tenant, and sinister threats. Sound familiar? It should. This is the story behind The Watcher, a true crime series that premiered on Netflix on October 13, 2022. It’s also the story of the Text4Shell vulnerability, which was announced that […]

Why Africa’s Telecoms Must Actively Collaborate to Combat Fraud

why-africa’s-telecoms-must-actively-collaborate-to-combat-fraud

With the digital transformation of the post-pandemic world, Africa is seeing a massive technology revolution, especially in the telecom industry, which has shifted network infrastructure away from traditional services to more advanced commercial routers, switches, and servers. But this move hasn’t been without some challenges — notably cybersecurity risks. Mordor Intelligence predicts that the entertainment […]

‘Patch Lag’ Leaves Millions of Android Devices Vulnerable

‘patch-lag’-leaves-millions-of-android-devices-vulnerable

It’s called a “patch gap” and describes the time it takes a fix for a known vulnerability to trickle down from software vendor to individual device manufacturers. And the latest casualties are the millions of Pixel, Samsung, Xiaomi, and other Android device brands. According to Google’s Project Zero, after its team discovered five separate bugs […]

Hot Ticket: ‘Aurora’ Go-Based InfoStealer Finds Favor Among Cyber-Threat Actors

hot-ticket:-‘aurora’-go-based-infostealer-finds-favor-among-cyber-threat-actors

A growing number of cybercriminal groups are turning to an information stealer named Aurora, which is based on the Go open source programming language, to target data from browsers, cryptocurrency wallets, and local systems. A research team at cybersecurity firm Sekoia discovered at least seven malicious actors, which it refers to as “traffers,” that have […]

Microsoft: Popular IoT SDKs Leave Critical Infrastructure Wide Open to Cyberattack

microsoft:-popular-iot-sdks-leave-critical-infrastructure-wide-open-to-cyberattack

Microsoft this week identified a gaping attack vector for disabling industrial control systems (ICS), which is unfortunately pervasive throughout critical infrastructure networks: the Boa Web server. The computing giant has identified vulnerabilities in the server as the initial access point for successful attacks on the Indian energy sector earlier this year, carried out by Chinese hackers. But here’s the kicker: It’s a […]

Penetration Testing Market Size Is Projected to Reach $5.28B Globally by 2028

penetration-testing-market-size-is-projected-to-reach-$5.28b-globally-by-2028

LONDON, Nov. 23, 2022 /PRNewswire/ — The Global Penetration Testing Market is poised to reach a valuation of USD 5.28 Billion in 2028 from USD 1.87 Billion in 2021, registering a CAGR of 15.97% over the forecast duration. Penetration test is referred to as a type of ethical hacking that is deliberately performed on a […]