© 2023 CyberNews- Latest tech news,
product reviews, and analyses.

Security

Android barcode scanner app exposes user passwords

An Android app with over 100k Google Play downloads and a 4.5-star average rating has let an open instance go unchecked, leaving sensitive user data up for grabs.
Read more about Android barcode scanner app exposes user passwords

Hackers breach US Government agencies running end-of-life software

Malicious actors have hacked two governmental servers running end-of-life software. The US cybersecurity agency CISA warns that cybercriminals are exploiting a vulnerability in discontinued Adobe ColdFusion versions and urges users to upgrade.
Read more about Hackers breach US Government agencies running end-of-life software

Thai threat actor named after folklore spirit

A new threat actor has been spotted going after telecommunications targets in Thailand. It has been named Krasue by Group-IB, the analyst that spotted it.
Read more about Thai threat actor named after folklore spirit

Holiday shoppers face increased risk of cyberattacks

Almost 30% of cyberattacks fall on retail, putting shoppers hunting for holiday deals at risk, security experts have warned.
Read more about Holiday shoppers face increased risk of cyberattacks

Green Card Lottery agency exposes applicants’ data

Thousands of applicants for the Diversity Immigrant Visa Program, widely known as Green Card Lottery, got their private data leaked by the US GREEN CARD OFFICE LIMITED (USGCO), a limited liability company registered in the UK that helps to prepare the documents, the Cybernews research team has found.
Read more about Green Card Lottery agency exposes applicants’ data

Adobe’s InDesign exploited in new wave of phishing attacks

Hackers are getting creative, literally, by utilizing Adobe’s popular graphic design program, InDesign, to target corporations in the latest surge of phishing attacks, new research shows.
Read more about Adobe’s InDesign exploited in new wave of phishing attacks

Beware: predatory Android loan apps spy, harass, and blackmail users

Deceptive loan apps charging excessive interest rates can also be malicious. SpyLoan apps circumvent Google Play requirements to track their users’ data and then use it to blackmail them.
Read more about Beware: predatory Android loan apps spy, harass, and blackmail users

Apple’s Lockdown Mode not a failsafe protection

The iOS protective function can be a useful preventative measure against cyberattacks, but even Lockdown can be leveraged if a device is compromised.
Read more about Apple’s Lockdown Mode not a failsafe protection

Angel Cabal Noriega, GameChampions: “casual gamers are the real champions of the esports multi-billion dollar industry”

Most people may not realize how popular the esports gaming industry is getting. At one time, professional and elite gamers...
Read more about Angel Cabal Noriega, GameChampions: “casual gamers are the real champions of the esports multi-billion dollar industry”

Net tightens around Iranian water hackers

The digital location from where an Iran-backed group launched a cyberattack on a US water facility in Pennsylvania may have been uncovered by SecurityScorecard.
Read more about Net tightens around Iranian water hackers

GST Invoice Billing Inventory exposes sensitive data to threat actors

A business accounting app for small and medium businesses with over 1M downloads has left a database open, exposing sensitive personal and corporate data up for grabs.
Read more about GST Invoice Billing Inventory exposes sensitive data to threat actors

Russian state-sponsored hackers exploiting Outlook vulnerability, Microsoft warns

Microsoft is urging Outlook users to patch and update their systems to mitigate a new threat from Russia. Hackers associated with the Kremlin’s military intelligence agency GRU are exploiting the vulnerability to access victim’s emails.
Read more about Russian state-sponsored hackers exploiting Outlook vulnerability, Microsoft warns

The future of phone scams: bots that sound like your loved ones

Every fifth unknown call in the US is spam. Despite a meager success rate, millions fall victim to fraudsters due to the sheer volume of attempts. Now, scammers have a dangerous new innovation that will make them even more productive and convincing.
Read more about The future of phone scams: bots that sound like your loved ones

23andMe hack explained: 0.1% of accounts unlocked the data of millions

After millions of users had their ancestry data exposed online, 23andMe’s investigation revealed that hackers accessed only “a very small percentage” of accounts to scrape user data.
Read more about 23andMe hack explained: 0.1% of accounts unlocked the data of millions

Bluetooth connections no longer private with new BLUFFS attacks

Bluetooth, a low-power wireless technology connecting our devices, has a new vulnerability to iron out. Attackers in the middle could easily snoop on your communications using a new BLUFFS attack.
Read more about Bluetooth connections no longer private with new BLUFFS attacks

South Korea and Uzbekistan hit by new malware

An offshoot of Gh0stRat malware is being used to target institutions in Uzbekistan and South Korea, says Cisco Talos.
Read more about South Korea and Uzbekistan hit by new malware

Hacktivism and its impacts on mental health

I get it. Like me, you’re wired in. Maybe your vice is social media or gaming. Perhaps you’re an Infosec researcher, or a hacker, or OSINT investigator. Whatever your function is, what began as a romance with technology ultimately evolves into a bitter love/hate relationship, taking a toll on your emotions and your overall psychological well-being.
Read more about Hacktivism and its impacts on mental health

Fortune-telling website exposes 13M+ user records

WeMystic, a website on astrology, numerology, tarot, and spiritual orientation, left an open database exposing 34GB of sensitive data about the platforms' users.
Read more about Fortune-telling website exposes 13M+ user records