Emotet, a dangerous botnet spams malicious emails, “targets 66,000 unique emails for more than 30,000 domain names” reports BleepingComputer

Emotet, a dangerous botnet spams malicious emails, “targets 66,000 unique emails for more than 30,000 domain names” reports BleepingComputer

Three days ago, Emotet, a dangerous malware botnet was found sending malicious emails to many countries around the globe. The maligned email with Emotet’s signature was first spotted on the morning of September 18th in countries like Germany, the United Kingdom, Poland, Italy, and the U.S.A. by targeting their individuals, ... Read More
NetCAT remotely leaking keystrokes from a victim SSH session

Intel’s DDIO and RDMA enabled microprocessors vulnerable to new NetCAT attack

Two days ago, Intel disclosed a vulnerability in their 2011 released line of micro processors with Data Direct I/O Technology (DDIO) and Remote Direct Memory Access (RDMA) technologies. The vulnerability was found by a group of researchers from the Vrije Universiteit Amsterdam and ETH Zurich. The researchers have presented a ... Read More
New Bluetooth vulnerability, KNOB attack can manipulate the data transferred between two paired devices

New Bluetooth vulnerability, KNOB attack can manipulate the data transferred between two paired devices

Recently, a group of researchers exposed a severe vulnerability called Key Negotiation Of Bluetooth (KNOB) that allows an attacker to break the Bluetooth Basic Rate/Extended Data Rate (BR/EDR) security. The vulnerability allows the attacker to intercept, monitor, or manipulate encrypted Bluetooth traffic between two paired devices, without being detected. The ... Read More
CNCF-led open source Kubernetes security audit reveals 37 flaws in Kubernetes cluster; recommendations proposed

CNCF-led open source Kubernetes security audit reveals 37 flaws in Kubernetes cluster; recommendations proposed

Last year, the Cloud Native Computing Foundation (CNCF) initiated a process of conducting third-party security audits for its own projects. The aim of these security audits was to improve the overall security of the CNCF ecosystem. CoreDNS, Envoy and Prometheus are some of the CNCF projects which underwent these audits, ... Read More
Understanding security features in the Google Cloud Platform (GCP)

Understanding security features in the Google Cloud Platform (GCP)

Google’s long experience and success in, protecting itself against cyberattacks plays to our advantage as customers of the Google Cloud Platform (GCP). From years of warding off security threats, Google is well aware of the security implications of the cloud model. Thus, they provide a well-secured structure for their operational ... Read More
25 million Android devices infected with ‘Agent Smith’, a new mobile malware

25 million Android devices infected with ‘Agent Smith’, a new mobile malware

Two days ago, Check Point researchers reported a new mobile malware attack called ‘Agent Smith’ which infected around 25 million Android devices. This malware is being used for financial gains through the use of malicious advertisements. The malware, concealed under the identity of a Google related app, exploited known Android ... Read More
RubyGems strong_password v0.0.7 hijacked; infected thread and attacker account isolated for now

RubyGems strong_password v0.0.7 hijacked; infected thread and attacker account isolated for now

Last week, a developer Tute Costa notified Ruby users that the strong_password v0.0.7 rubygem has been hijacked. The malicious actor published v0.0.7 containing the malicious code, which enabled the attacker to execute remote code in production. As of now, the thread has been tweaked and the attacker’s RubyGems account has ... Read More
Cloud Hopper: The Chinese group that hacked eight major U.S. computer service firms to boost economic interests, Reuters reports

Cloud Hopper: The Chinese group that hacked eight major U.S. computer service firms to boost economic interests, Reuters reports

| | SBN News, Security News
A recent report by Reuters has revealed that a global hacking group, working for China’s Ministry of State Security known as Cloud Hopper, broke into networks of eight of the world’s biggest technology service providers, in order to steal commercial secrets from their clients. The infringement by the hackers exploited ... Read More
Do Google Ads secretly track Stack Overflow users?

Do Google Ads secretly track Stack Overflow users?

A user by the name greggman has discovered a bug on Stack Overflow’s devtools website. Today, while working on his browser’s devtools website, he noticed the following message: Image source: Stack Overflow Meta website greggman then raised the query “Why is Stack Overflow trying to start audio?” on the Stack ... Read More

The EU Bounty Program enabled in VLC 3.0.7 release, this version fixed the most number of security issues

Last week, the President of the VideoLan non-profit organization, Jean-Baptiste Kempf, released the VLC 3.0.7, a minor update of VLC branch 3.0.x. This release is termed as ‘special’ by Kempf, as it has more security issues fixed than any other version of VLC. Kempf has said that “This high number ... Read More