Cyber Security Newsfeeds from around the world
Android Q is now Android 10. There are no more dessert-themed names for future Android versions, but that’s not something Android users should really be worrying about. Besides the big announcement about the whole Android rebranding that made splashes …
Continue ReadingWhat is an Indicator of Attack (IOA) IoA’s is some events that could reveal an active attack before indicators of compromise become visible. Use of IoA’s provides a way to shift from reactive cleanup/recovery to a proactive mode, where attackers are di…
Continue Readingresearchers has revealed a new method to break Bluetooth’s encryption key negotiation protocol; the attack, dubbed ‘Key Negotiation of Bluetooth’ (KNOB) is possible on any device that supports the
protocol and has required an early response from Googl…
Continue ReadingAccording to iDownloadBlog.com (iDB), “in an unforeseen turn of events, hacker Pwn20wnd released v3.5.0 of the unc0ver jailbreak tool to the general public Sunday morning with official support for iOS 12.4, the latest available firmware release from Ap…
Continue ReadingSoftware updates released by Kubernetes this week address HTTP/2 implementation vulnerabilities that were disclosed earlier this month.
HTTP/2 is the second major revision of the HTTP Internet protocol, meant to improve performance and stability. Ear…
Continue ReadingReading Time: ~ 2 min. Android Apps Riddled with Adware. Industry Intel Another 85 photo and gaming apps have been removed from the Google Play store after they were discovered to have been distributing adware to the roughly 8 million users who had dow…
Continue ReadingMultiple versions of the Squid web proxy cache server built with Basic Authentication features are currently vulnerable to code execution and denial-of-service (DoS) attacks triggered by the exploitation of a heap buffer overflow security flaw. The vul…
Continue Reading, hacks and exploits. That said, it’s not abnormal to run into bugs in the process . Sometimes, a security update will be urgently released before more serious bug testing can occur, leaving users with a system that’s safe, but prone to crashing, for e…
Continue ReadingSecurity Advisory. This security advisory describes one medium risk vulnerability.
1) Improper access control. Severity: Medium. CVSSv3: [PCI] CVE-ID: N/A. CWE-ID: Description. CWE-284 – Improper Access Control The vulnerability allows a remote attack…
Continue ReadingThreat Actor Profile Origin: 2014 Aliases: Helix Kitten, OilRig, Greenbug Key Target Sectors: Information Technology, Government, Military, Energy and Power, Communication, Transportation, Financial Services, Educational System Attack Vectors: Zero Day…
Continue Reading