Facebook’s In-app Browser on iOS Tracks ‘Anything You Do on Any Website’
Researcher shows how Instagram and Facebook’s use of an in-app browser within both its iOS apps can track interactions with external websites.
Read moreXiaomi Phones with MediaTek Chips Found Vulnerable to Forged Payments
Security flaws have been identified in Xiaomi Redmi Note 9T and Redmi Note 11 models, which could be exploited to disable the mobile payment mechanism and even forge transactions via a rogue Android app installed on the devices.
Check Point said it fo…
U.S. Government Offers $10 Million Reward for Information on Conti Ransomware Gang
The U.S. State Department on Thursday announced a $10 million reward for information related to five individuals associated with the Conti ransomware group.
The reward offer, first reported by WIRED, is also notable for the fact that it marks the firs…
Facebook Testing Default End-to-End Encryption and Encrypted Backups in Messenger
Social media company Meta said it will begin testing end-to-end encryption (E2EE) on its Messenger platform this week for select users as the default option, as the company continues to slowly add security layers to its various chat services.
“If you’…
Cisco Patches High-Severity Vulnerability Affecting ASA and Firepower Solutions
Cisco on Wednesday released patches to contain multiple flaws in its software that could be abused to leak sensitive information on susceptible appliances.
The issue, assigned the identifier CVE-2022-20866 (CVSS score: 7.4), has been described as a “l…
Fast and Secure VPN on a Budget? Private Internet Access VPN Has You Covered
Back when the internet consisted of a handful of computers networked together across a few research institutions, nobody could have imagined that it would one day form the backbone of a new digital way of life. And that probably explains why none of t…
Read moreResearchers Warn of Ongoing Mass Exploitation of Zimbra RCE Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two flaws to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation.
The two high-severity issues relate to weaknesses in Zimbra Collaborat…
Conti Cybercrime Cartel Using ‘BazarCall’ Phishing Attacks as Initial Attack Vector
A trio of offshoots from the notorious Conti cybercrime cartel have resorted to the technique of call-back phishing as an initial access vector to breach targeted networks.
“Three autonomous threat groups have since adopted and independently developed…
Cisco Confirms It’s Been Hacked by Yanluowang Ransomware Gang
Networking equipment major Cisco on Wednesday confirmed it was the victim of a cyberattack on May 24, 2022 after the attackers got hold of an employee’s personal Google account that contained passwords synced from their web browser.
“Initial access to…
Starlink Successfully Hacked Using $25 Modchip
Belgian researcher Lennert Wouters revealed at Black Hat how he mounted a successful fault injection attack on a user terminal for SpaceX’s satellite-based internet system
Read more