Phone security begins – and ends – with your lock screen

Recently both Apple and Google have come under fire because of a setting that allows a person to reset the respective account for a phone once the phone is unlocked. When it comes to Android devices, you can use your unlock method

Read More

9-Year-Old Unpatched Email Hacking Bug Uncovered in Horde Webmail Software

Users of Horde Webmail are being urged to disable a feature to contain a nine-year-old unpatched security vulnerability in the software that could be abused to gain complete access to email accounts simply by previewing an attachment. “This gives the

Read More

New "SockDetour" Fileless, Socketless Backdoor Targets U.S. Defense Contractors

Cybersecurity researchers have taken the wraps off a previously undocumented and stealthy custom malware called SockDetour that targeted U.S.-based defense contractors with the goal of being used as a secondary implant on compromised Windows hosts. “SockDetour is a backdoor that

Read More

Iran's MuddyWater Hacker Group Using New Malware in Worldwide Cyber Attacks

Cybersecurity agencies from the U.K. and the U.S. have laid bare a new malware used by the Iranian government-sponsored advanced persistent threat (APT) group in attacks targeting government and commercial networks worldwide. “MuddyWater actors are positioned both to provide stolen

Read More

Notorious TrickBot Malware Gang Shuts Down its Botnet Infrastructure

The modular Windows crimeware platform known as TrickBot formally shuttered its infrastructure on Thursday after reports emerged of its imminent retirement amid a lull in its activity for almost two months, marking an end to one of the most persistent

Read More

Putin Warns Russian Critical Infrastructure to Brace for Potential Cyber Attacks

The Russian government on Thursday warned of cyber attacks aimed at domestic critical infrastructure operators, as the country’s full-blown invasion of Ukraine enters the second day. In addition to cautioning of the “threat of an increase in the intensity of

Read More

New Linux Privilege Escalation Flaw Uncovered in Snap Package Manager

A new privilege escalation flaw has been discovered in the Snap Package Manager for Linux systems. The vulnerability allows attackers to gain root access on affected systems, potentially leading to unauthorized access, data theft, or further compromise of the system.

Read More

New Flaws Discovered in Cisco's Network Operating System for Switches

Cisco has released software updates to address four security vulnerabilities in its software that could be weaponized by malicious actors to take control of affected systems. The most critical of the flaws is CVE-2022-20650 (CVSS score: 8.8), which relates to

Read More

Microsoft Warns of 'Ice Phishing' Threat on Web3 and Decentralized Networks

Microsoft has warned of emerging threats in the Web3 landscape, including “ice phishing” campaigns, as a surge in adoption of blockchain and DeFi technologies emphasizes the need to build security into the decentralized web while it’s still in its early

Read More

Critical Flaw Uncovered in WordPress Backup Plugin Used by Over 3 Million Sites

Patches have been issued to contain a “severe” security vulnerability in UpdraftPlus, a WordPress plugin with over three million installations, that can be weaponized to download the site’s private data using an account on the vulnerable sites. “All versions of

Read More

U.S. Cybersecurity Agency Publishes List of Free Security Tools and Services

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday published a repository of free tools and services to enable organizations to mitigate, detect, and respond effectively to malicious attacks and further improve their security posture. The “Free Cybersecurity Services

Read More

US, UK Agencies Warn of New Russian Botnet Built from Hacked Firewall Devices

Intelligence agencies in the U.K. and the U.S. disclosed details of a new botnet malware called Cyclops Blink that’s been attributed to the Russian-backed Sandworm hacking group and deployed in attacks dating back to 2019. “Cyclops Blink appears to be

Read More

From Pet Systems to Cattle Farm — What Happened to the Data Center?

There’s something about craftsmanship. It’s personal, its artistry, and it can be incredibly effective in achieving its goals. On the other hand, mass-market production can be effective in other ways, through speed, efficiency, and cost savings. The story of data

Read More

CISA Alerts on Actively Exploited Flaws in Zabbix Network Monitoring Platform

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of active exploitation of two security flaws impacting Zabbix open-source enterprise monitoring platform, adding them to its Known Exploited Vulnerabilities Catalog. On top of that, CISA is also recommending that

Read More

Blog - UK News - BlogUK News - BlogUK