Cybersecurity for IoT devices
IoT (Internet of Things) devices refer to a wide range of physical devices and everyday objects that are connected to the internet and can collect and exchange data. Some common…
Multi factor authentication and its Vulnerabilities
Multi-factor authentication (MFA) is a security process that requires users to provide two or more forms of identification before gaining access to a service or system. The idea behind MFA…
Coinminers Abusing WebLogic Vulnerabilities
Recently security researchers found malicious actors exploiting old and recently disclosed Oracle Weblogic Server vulnerabilities to deliver the crypto miner malware on the infected hosts. Mostly the Oracle Weblogic Servers…
Microsoft Exchange server exploited by Squirrelwaffle malware
Squirrelwaffle targeted vulnerable exchange servers to spread malspam through hijacked email threads as reported by the Sophos tech. As per the experts, the Squirrelwaffle is a new malware loader that was discovered…
Apple’s IOS with critical Zero-day Webkit Vulnerability
Apple has released an IOS update for Apple devices that fixes the CVE- 2022-22620 vulnerability in the WebKit browser engine that hackers would have already exploited in a wild. And they urge…
Log4J vulnerabilities explained easy
Introduction to Log4shell As we all know that end of the last weekend ie., on Friday, December 10, the entire world came to about the new Zero-day vulnerability in the…
New Spyware PJobRAT targets Indian military personnel
According to recent study researchers from 360 Fiberhome labs discovered the attack that mainly targeting Indian Military personnel using new Android spyware called PJobRAT malware. The PJobRAT malware is spyware that is disguised as…
Samsung phones to spy on users
Security researchers analyzed the Samsung smartphones and found multiple critical vulnerabilities that can be exploited by the hackers using Pre-installed applications. As per the researchers, the vulnerabilities could exploit the…
Ransomware 2021 weaponized by Legitimate tools
Here is how Ransomware 2021 used legitimate tools to exploit the victims in ransomware campaigns. The tools were intended to be used for authorized and security researches but the ransomware…
PuzzleMaker attack Google chrome zero-day exploit
Researchers from the Kaspersky Endpoint security firm have identified Zero-day exploit from Google’s Chrome browser and Microsoft windows zero-day exploits that have targeted multiple attacks on several enterprises. Now the…