A sophisticated social engineering attack undertaken by an Iranian-state aligned actor targeted think tanks, journalists, and professors with an aim to solicit sensitive information by masquerading as scholars with the University of London’s School of Oriental and African Studies (SOAS). Enterprise security firm Proofpoint attributed the campaign — called “Operation SpoofedScholars” — to the advanced
Cybersecurity researchers have disclosed new security vulnerabilities in the Etherpad text editor (version 1.8.13) that could potentially enable attackers to hijack administrator accounts, execute system commands, and even steal sensitive documents. The two flaws — tracked as CVE-2021-34816 and CVE-2021-34817 — were discovered and reported on June 4 by researchers from SonarSource, following which patches
Microsoft on Tuesday disclosed that the latest string of attacks targeting SolarWinds Serv-U managed file transfer service with a now-patched remote code execution (RCE) exploit is the handiwork of a Chinese threat actor dubbed “DEV-0322.” The revelation comes days after the Texas-based IT monitoring software maker issued fixes for the flaw that could enable adversaries
Microsoft rolled out Patch Tuesday updates for the month of July with fixes for a total of 117 security vulnerabilities, including nine zero-day flaws, of which four are said to be under active attacks in the wild, potentially enabling an adversary to take control of affected systems. Of the 117 issues, 13 are rated Critical,
A new class of security tools is emerging that promises to significantly improve the effectiveness and efficiency of threat detection and response. Emerging Extended Detection and Response (XDR) solutions aim to aggregate and correlate telemetry from multiple detection controls and then synthesize response actions. XDR has been referred to as the next step in the
REvil, the infamous ransomware cartel behind some of the biggest cyberattacks targeting JBS and Kaseya, has mysteriously disappeared from the dark web, leading to speculations that the criminal enterprise may have been taken down. Multiple darknet and clearnet sites maintained by the Russia-linked cybercrime syndicate, including the data leak, extortion, and payment portals, remained inaccessible,
Spanish law enforcement agencies on Wednesday arrested 16 individuals belonging to a criminal network in connection with operating two banking trojans as part of a social engineering campaign targeting financial institutions in Europe. The arrests were made in Ribeira (A Coruña), Madrid, Parla and Móstoles (Madrid), Seseña (Toledo), Villafranca de los barros (Badajoz), and Aranda
Threat intelligence researchers from Google on Wednesday shed more light on four in-the-wild zero-days in Chrome, Safari, and Internet Explorer browsers that were exploited by malicious actors in different campaigns since the start of the year. What’s more, three of the four zero-days were engineered by commercial providers and sold to and used by government-backed
Networking equipment maker SonicWall is alerting customers of an “imminent” ransomware campaign targeting its Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life 8.x firmware. The warning comes more than a month after reports emerged that remote access vulnerabilities in SonicWall SRA 4600 VPN appliances (CVE-2019-7481) are being
Zero Trust is increasingly being adopted as the best strategy to maintain application security and prevent data breaches. To help achieve progress on Zero Trust, there is now a new, easy way to implement continuous user verification by connecting directly to the authentication systems used by mobile operators – without the overhead of processing or
Twitter is extending the ability to let users decide who can reply to their tweets even after they have been published on the social media platform. Twitter users already had the ability to limit replies on their tweets, but the choice had to be made before a tweet was published. Users can limit the replies
Instagram is getting a new Security Check feature for users whose accounts may have been hacked in the past. The new feature, aimed at making user accounts more secure, will guide users through the steps required to keep their accounts secure. The steps include checking login activity, reviewing profile information, confirming accounts with shared login
Facebook will spend $1 billion (roughly Rs. 7,450 crores) on social media creators through the end of 2022 in a fight for top talent announced in a week when TikTok became the first rival mobile app to hit 3 billion global downloads. Facebook’s investments will include bonus programmes to pay creators who hit certain milestones on its
Twitter said on Wednesday it will shut down its ephemeral posts feature called Fleets on August 3 after the product failed to gain traction with users. The shutdown comes just eight months after the social media platform rolled out Fleets to all its users globally, and just one month after it began testing advertising within
Twitter saw a surge in government demands worldwide in 2020 to take down content posted by journalists and news outlets, according to data released by the social media platform. In its transparency report published on Wednesday, Twitter said verified accounts of 199 journalists and news outlets on its platform faced 361 legal demands from governments to
WhatsApp has finally started rolling out the much-awaited multi-device capability that will allow users to access the instant messaging app not just on their phones but also on up to four non-phone devices at the same time. The new development, that is initially a limited public beta test, comes months after the rumour mill suggested
Facebook on Wednesday asked for the recusal of Federal Trade Commission Chair Lina Khan from the FTC’s antitrust case against the company, a step that could imperil the agency’s lawsuit against it. A prominent critic of Big Tech who was sworn in as FTC chair in June, Khan previously worked for the House Judiciary antitrust
British billionaire Richard Branson on Sunday soared more than 50 miles above the New Mexico desert aboard his Virgin Galactic rocket plane and safely returned in the vehicle’s first fully crewed test flight to space, a symbolic milestone for a venture he started 17 years ago. Branson, one of six Virgin Galactic employees strapped in
Jeff Bezos and Richard Branson are competing fiercely to outwit each other and capture the huge commercial space tourism market. And their fellow billionaire Elon Musk appears to be siding with the British entrepreneur and his Virgin Galactic venture. Musk, the SpaceX CEO who aims to colonise Mars someday and make humans a multi-planetary species, seems to have
The Federal Aviation Administration (FAA) said on Monday it approved a Blue Origin license to carry humans on the New Shepard launch system into space. Former Amazon Chief Executive Jeff Bezos is set to fly to the edge of space on Blue Origin’s maiden crewed voyage on July 20. Blue Origin is authorised to carry
NASA administrator Bill Nelson has lauded billionaire Richard Branson, the founder of Virgin Galactic, who along with five other crew members soared to the edge of the space aboard the VSS Unity spacecraft on Sunday. Nelson, a former astronaut who went to space in 1986, said that it was hard to believe back then that