Google Pushes Emergency Chrome Update to Fix Zero-day Used in Attacks Google has released Chrome 96.0.4664.110 for Windows, Mac, and Linux, to address a high-severity zero-day vulnerability exploited in the wild. “Google is aware of reports that an exploit for CVE-2021-4102 exists in the wild,” the browser vendor said in today’s security advisory. Although Read more…
TinyNuke Info-stealing Malware is Again Attacking French Users The info-stealing malware TinyNuke has re-emerged in a new campaign targeting French users with invoice-themed lures in emails sent to corporate addresses and individuals working in manufacturing, technology, construction, and business services. The goal of this campaign is to steal credentials and other Read more…
Phishing Campaign Uses PowerPoint Macros to Drop Agent Tesla A new variant of the Agent Tesla malware has been spotted in an ongoing phishing campaign that relies on Microsoft PowerPoint documents laced with malicious macro code. Agent Tesla is a .Net-based info-stealer that has been circulating the internet for many years but Read more…
Dell Driver Fix Still Allows Windows Kernel-level Attacks In May 2021, a set of five vulnerabilities in Dell computer drivers collectively tracked as CVE-2021-21551 was disclosed and fixed after it remained exploitable for 12 years. However, Dell’s fix wasn’t comprehensive enough to prevent additional exploitation, and as security researchers warn now, it Read more…
Kronos Ransomware Attack May Cause Weeks of HR Solutions Downtime Workforce management solutions provider Kronos has suffered a ransomware attack that will likely disrupt many of their cloud-based solutions for weeks. Kronos is a workforce management and human resources provider who provides cloud-based solutions for managing timekeeping, payroll, employee benefits, Read more…
Attackers Can Get Root by Crashing Ubuntu’s AccountsService A local privilege escalation security vulnerability could allow attackers to gain root access on Ubuntu systems by exploiting a double-free memory corruption bug in GNOME’s AccountsService component. AccountsService is a D-Bus service that helps manipulate and query information attached to the user accounts Read more…
Bugs in Billions of WiFi, Bluetooth Chips Allow Password, Data Theft Researchers at the University of Darmstadt, Brescia, CNIT, and the Secure Mobile Networking Lab, have published a paper that proves it’s possible to extract passwords and manipulate traffic on a WiFi chip by targeting a device’s Bluetooth component. Modern Read more…
Ukraine Arrests 51 for Selling Data of 300 Million People in US, EU Ukrainian law enforcement arrested 51 suspects believed to have been selling stolen personal data on hacking forums belonging to hundreds of millions worldwide, including Ukraine, the US, and Europe. “As a result of the operation, about 100 Read more…
Police Arrests Ransomware Affiliate Behind High-profile Attacks Romanian law enforcement authorities arrested a ransomware affiliate suspected of hacking and stealing sensitive info from the networks of multiple high-profile companies worldwide, including a large Romanian IT company with clients from the retail, energy, and utilities sectors. The 41-year-old Romanian national was arrested Monday Read more…
December 2021 PDPC Incidents and Undertaking The December 2021 PDPC Incidents and Undertaking decision of the Personal Data Protection Commission (PDPC) have been published on PDPC’s official website. For this month, only one (1) case has been issued covering a warning for Belden Singapore Pte Ltd. It should be noted Read more…
Let us help you out.
Singapore
7 Temasek Boulevard
#12-07, Suntec Tower One
Singapore 038987
Thailand
The Royal Place 1
2, 2/399 Mahatlek Luang 1 Alley, Lumphini, Pathum Wan, Bangkok 10330, Thailand
Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!
Click one of our contacts below to chat on WhatsApp
