Source code of the BlackLotus UEFI Bootkit was leaked on GitHubSecurity Affairs
The source code for the BlackLotus UEFI bootkit has been published on GitHub and experts warn of the risks of proliferation of custom versions. Researchers…
Month: July 2023
Microsoft still unsure how hackers stole Azure AD signing key
Microsoft says it still doesn’t know how Chinese hackers stole an inactive Microsoft account (MSA) consumer signing key used to breach the Exchange Online and…
US CISA warns of Rockwell Automation ControlLogix flawsSecurity Affairs
The U.S. CISA warns of two flaws impacting Rockwell Automation ControlLogix that can lead to remote code execution and DoS attacks. The U.S. Cybersecurity and…
Fake TeamViewer Installer Used to Deliver njRAT Malware
The njRAT malware is a remote access trojan that can perform malicious activities such as keylogging, password stealing, data exfiltration, accessing webcams and microphones, and…
Rockwell warns of new APT RCE exploit targeting critical infrastructure
Rockwell Automation says a new remote code execution (RCE) exploit linked to an unnamed Advanced Persistent Threat (APT) group could be used to target unpatched…
FBI Surveillance Fears Are Uniting a Badly Broken Congress
The FBI has collected sensitive data on millions of Americans without warrants, drawing intense scrutiny from Congress and turning the agency into a punching bag…
Spotify reportedly makes users’ private playlists public
In what is shaping up to be a widespread privacy controversy, Spotify has come under scrutiny following allegations by users that the music streaming service…
Location Fingerprint: Incognia’s Innovative Answer to Online Fraud Prevention
In the ongoing race between scammers and defenders preventing online fraud, , the location identity company, is blazing new trails. CEO Andre Ferraz, a serial entrepreneur…
WordPress AIOS plugin used by 1M sites logged plaintext passwords
The All-In-One Security (AIOS) WordPress security plugin, used by over a million WordPress sites, was found to be logging plaintext passwords from user login attempts…
FTC starts data security probe on ChatGPT OpenAI
The Federal Trade Commission (FTC) has turned its attention towards ChatGPT, the conversational Chatbot developed by OpenAI and now owned by Microsoft, due to concerns…
BreachForums owner Pompompurin pleads guilty to hacking charges
Conor Brian Fitzpatrick, aka Pompompurin, the owner of the notorious BreachForums (aka Breached) hacking forum, has pleaded guilty to hacking and child pornography possession charges.…
Hackers Use WebAPK to Install Malware as Native Application
The latest research reveals a new sophisticated attack carried through Webapk technology targeting Android devices. The threat actors manipulate the user to install malicious web…