January 14, 2024 at 10:05PM In June 2023, China announced that operators of short-distance ad hoc networks must adhere to socialist principles and require users to disclose their real-world identities. The focus was on technologies like Wi-Fi hotspots and AirDrop, which were used by protestors during COVID-19 lockdowns. Chinese authorities acknowledged AirDrop’s vulnerability to surveillance … Read more
January 14, 2024 at 02:36PM In 2024, Windows 11 plans to introduce groundbreaking features for enhanced user experience. These include AI-powered Notepad, USB 80Gbps support, Copilot autostart, enhanced sharing options, lock screen weather updates, and voice access enhancements. Users can share feedback via the Feedback Hub and can look forward to these exciting updates. Here … Read more
January 14, 2024 at 02:36PM The GrapheneOS team suggests introducing an auto-reboot feature for Android to reduce exploitation of firmware flaws, affecting data theft and spying on Google Pixel and Samsung Galaxy phones. They recommend a shorter reboot interval and emphasize the importance of device encryption and security. Google is reviewing the reported vulnerabilities while … Read more
January 14, 2024 at 02:36PM AdGuard VPN offers one, three, and five-year subscriptions, providing secure access to servers in over 60 countries, unlimited data, and coverage for up to ten devices. Their custom protocol ensures faster, safe connections, with a no-log policy for privacy. Available at discounted rates through January 14th on StackSocial, the service … Read more
January 14, 2024 at 04:51AM Forescout’s recent findings reveal that the cyber attacks on Denmark’s energy sector in 2023, involving Zyxel firewall vulnerability and Mirai botnet, were not linked to the Russia-based Sandworm group. The attacks consisted of two separate waves and targeted multiple entities across Europe and the U.S., posing ongoing threats to critical … Read more
January 13, 2024 at 09:31PM A 29-year-old Ukrainian man was arrested for orchestrating a massive cryptojacking scheme, using hacked accounts to create 1 million virtual servers and mine $2 million in cryptocurrency. Europol, in collaboration with Ukrainian authorities, tracked down the hacker, who is now facing criminal charges under the Criminal Code of Ukraine. Mitigating … Read more
January 13, 2024 at 06:54AM Juniper Networks released updates to fix a critical remote code execution vulnerability in its SRX Series firewalls and EX Series switches, tracked as CVE-2024-21591 with a CVSS score of 9.8. The flaw can allow attackers to cause Denial-of-Service or Remote Code Execution, affecting specific Junos OS versions. Juniper also resolved … Read more
January 13, 2024 at 05:24AM A 29-year-old Ukrainian national was arrested for a “sophisticated cryptojacking scheme,” making over $2 million in illicit profits. The arrest was made in Mykolaiv with help from Europol and a cloud service provider. The suspect used compromised cloud user accounts to mine cryptocurrencies, avoiding infrastructure costs. Properties were searched for … Read more
January 12, 2024 at 10:42PM GitLab released security updates to address two critical vulnerabilities, CVE-2023-7028 and CVE-2023-5356. CVE-2023-7028 allows account takeover without user interaction, affecting versions 16.1 to 16.7. CVE-2023-5356 enables execution of slash commands as another user through Slack/Mattermost integrations. Users are advised to upgrade instances and enable 2FA for elevated privileges. Key takeaways … Read more
January 12, 2024 at 09:25PM Mandiant’s threat intel team identified two zero-day bugs in Ivanti products that were under attack by cyberspies as early as December. Ivanti has disclosed the vulnerabilities in their products and is working on rolling out patches while urging customers to immediately deploy mitigations. The situation is particularly concerning as the … Read more