Security
-
The ban on TikTok and WeChat will be effective on September 20th
Bad news for Byte Dance and users of TikTok in the US continues with Trump rejecting the deal between Byte Dance and Oracle for the US operations of the application. The 90 day period is coming to its end, and it seems TikTok will be banned in the US. In…
-
High-Level YouTube Accounts Being Hacked By Bitcoin Scammers
Rod Breslau, an esports commentator, pointed out that several high-level YouTube channels have been hacked in the past week. The hackers changed the channel names to trending topics, like Elon Musk or SpaceX. The purpose of the hack seemed to promote a bitcoin scam. It was only two weeks ago…
-
TikTok decides to establish new Moderation Policies in a bid to combat misleading information
In the beginning of this week, Microsoft announced its preparation towards continuing discussions for purchase of TikTok in the United States, following ban threats in the country. This move is in response to concerns shown by President Trump regarding its privacy practices and possible connections to Chinese government. Recently, TikTok…
-
Popular And Widely Used Google Chrome Free Extensions And Add-Ons Conducted Largescale Espionage
Over 32 million downloads of extensions for the Google Chrome web browser were part of a largescale spyware effort. Google has taken action against these most popular and widely downloaded Google Chrome extensions or add-ons, but the extent of the espionage campaign is still being ascertained. Google took corrective action…
-
Protecting yourself from Coronavirus (COVID-19) related Computer Scams
Remember when it was predicted that the world would end in 2012. Well, I think 2020 would have been a more accurate prediction. We are only halfway through the year and we have already witnessed enough apocalyptic events to have some people convinced that it’s God unleashing his wrath on…
-
Zoom Free Users Will Not Get End-To-End Encryption For Messaging And Calls As Co. Reserves Privacy Feature For Paying Customers Only?
Zoom, the multi-platform messaging and video-conferencing app won’t have end-to-end encryption for all its users. Unlike Facebook Messenger, WhatsApp, Google Meet, Facetime, and several other similar platforms, Zoom might be restricting the availability of the user privacy feature only to paying customers. Essentially, any free Zoom app user must consider…
-
IBM Zero-Day RCE Security Vulnerabilities Impacting Data Risk Manager Remain Unpatched Even After Public Release?
Multiple security flaws within IBM Data Risk Manager (IDRM), one of IBM’s enterprise security tools, were reportedly revealed by a third-party security researcher. Incidentally, the Zero-Day security vulnerabilities haven’t yet been officially acknowledged, let alone successfully patched by IBM. A researcher who discovered at least four security vulnerabilities, with potential…
-
“Kr00K” Vulnerability Downgrades Your Wifi Chips Security Making It Easily Accessible
With everything being wireless and connected to the internet, web security is a huge concern. Signs of malware, ransomware and from the dotcom era, the trojan virus has kept people on the edge. This time around though, there is something new. While it is not clearly a virus, it is…
-
WhatsApp Group Invite Breach: Group Links From Around the World Available Via Google Search
One of the most common messaging app today is WhatsApp. Apart from the Chinese community, the entire world is on WhatsApp, for one reason or another. Since the entire data breach episode in the entire world, the idea of message encryption came to be. WhatsApp was one of the first…
-
EPIC Games Launcher Download And Installation Faked By LokiBot Trojan Malware Campaign
Gamers intending to download EPIC Games Launcher, the platform used to access highly popular online multiplayer video game Fortnite, are being fooled by a new malware campaign. Considering the high number of active players and many more interested in the games offered by EPIC Games, the new virus-laden downloader may…
-
Popular Cisco Webex Video Conferencing Platform Security Flaw Allowed Unauthenticated Users To Join Private Online Meetings
A security flaw within the popular Webex Video Conferencing platform allowed unauthorized or unauthenticated users to join private online meetings. Such a serious threat to privacy and gateway to potentially successful espionage attempts was patched by Webex parent company, Cisco Systems. Another loophole discovered and subsequently patched by Cisco Systems…
-
AMD “Radeon” Series Graphics Drivers Contained Multiple ‘Severe’ Security Vulnerabilities, Proved Cisco Talos Experts
AMD ATI Radeon Graphics Cards Drivers contained multiple security vulnerabilities, reported the Security and Digital Protection team of Cisco. The engineers at Cisco Talos proved how attackers could manipulate the latest AMD ATI drivers to remotely execute arbitrary code and even execute a DDoS attack. Security engineers at Talos, Cisco’s…
-
Mozilla Firefox Browser Addons Segregated Into Curated And ‘Non-Monitored’ Segments Through ‘Recommended Extensions Program’?
The popular browser Firefox has hundreds of popular and actively used add-ons or extensions. Now Mozilla, the parent non-profit organization developing the web browser, appears to be curating the Extensions Marketplace on the Firefox Browser add-ons website. A subtle but clear cautionary sentence greets Mozilla Firefox users who attempt to…
-
Popular WordPress Plugin Vulnerable To Exploitation And Can Be Used To Hijack Complete Website, Warns Security Experts
A popular WordPress plugin that helps website administrators with maintenance and upkeep activities, is extremely vulnerable to exploitation. Easily manipulated, the plugin can be used to render the complete website inactive or attackers can take over the same with admin privileges. The security flaw within the popular WordPress Plugin has…
-
Internet Explorer Suffering From ‘Actively Exploited’ Zero-Day Vulnerability But Microsoft Hasn’t Released Patch Yet – Here’s A Simple But Temporary Workaround
A security flaw within the aging but still actively used Internet Explorer, the ‘default’ web browser for Microsoft Windows operating system, is being actively exploited by attackers and malicious code writers. Although Microsoft is acutely aware of the Zero-Day Exploit in IE, the company has currently issued an emergency security…
-
Google’s First Security Update For Android In 2020 Addresses Security Flaws With ‘High And Critical’ Severity Ratings
Google’s Android operating system for smartphones received its first-ever Security Update of the New Year. Google’s first security update of 2020 addressed seven Android flaws classified as high and critical. While the number and severity rating might appear concerning, the Android OS has been getting better at keeping hackers and…
-
Security Alert: Android Bug Provides Unwanted Access To Some Apps To Use Your Phone’s Camera
Last year many big names came under the spotlight due to the spying and data breach allegations. Now it seems like several smartphone users have noticed a mysterious glitch while using apps such as WhatsApp, Instagram, and Snapchat. Many Android users reported that the cameras of their phones automatically turn…
-
Facebook Says It Used Your 2FA Info For Mining Contacts
Facebook has always been under criticism because of its bad practices that lead to privacy violations. It has been proved on various occasions that the social media giant doesn’t respect your privacy at all. Facebook never misses an opportunity to take advantage of your personal data (including your 2FA phone…
-
Google To Provide Financial Assistance To Open Source Projects, Enhancing Web Security Under The Patch Reward Program
Google has been supporting open source projects with rewards under its Patch Reward Program since October 2013. The main focus of the program is to not only implement security protocols in open source projects but also enhance them as the project matures. It is part of Google’s contribution to making…
-
Microsoft Internal Security Audit Of Threat Assessment Reveals Extremely Poor Password Hygiene Of ‘Millions’ Of Users
Microsoft recently conducted its own independent security audit for threat assessment, and the results were shocking. The Windows OS maker who also offers several other cloud-based services realized that “millions” of users practice extremely poor password hygiene. In other words, a vast number of users reuse login credentials, making it…
-
OnePlus Suffers Data Breach Again And Exposes Information Of ‘Some’ Buyers, Authentication and Payment Info Safe, Claims Smartphone Maker
OnePlus, the company that became a powerful entity known as the ‘flagship Killer’, suffered yet another data breach earlier this week. The maker of OnePlus smartphones has offered some seemingly reassuring but vague confirmation about the intentional and external security breach. According to the company’s own admission, customer data including…
-
Microsoft Windows 10 To Natively Support DNS Over HTTPS Encryption And Obfuscation Technique Making Internet Traffic Monitoring Near Impossible
Microsoft Windows 10 will natively and intrinsically support DNS over HTTPS protocol. It is an important privacy protection methodology, which makes it near impossible for even Internet Service Providers (ISP) to monitor internet traffic. DNS over HTTPS is an intensely contested technology, but is being increasingly taken into consideration by…
-
India’s Premier Nuclear Power Plant Digitally Attacked And ‘Certain’ Network Systems Compromised?
A relatively large nuclear power plant, currently in full operation mode, was allegedly attacked by persistent threat groups through sophisticated malware. The cybercriminals reportedly gained administrative control of an important network, but may not have been able to reach or breach the core or internal network which directly connects to…
-
BBC World Service International Website On The Dark Web To Counter Censorship
To counter rising censorship, the British Broadcasting Service or BBC has embraced the Dark Web. The BBC World Service international website will now run a parallel website on the Dark Web. As with all the websites that are available on the Dark Web, the BBC’s site too now has a…
-
NordVPN Hacked, But Company Assures Customer Privacy Wasn’t Breached Owing To Company Security Policy?
NordVPN, a popular Virtual Private Network or VPN provider, has admitted it was hacked. Although the company’s security was breached, its data management and process policies may have ensured customer privacy remained protected and anonymous. NordVPN’s own admission follows persistent rumors about the development. NordVPN is part of increasingly popular…