Honeypot Experiment Reveals What Hackers Want from IoT Devices ​A three-year-long honeypot experiment featuring simulated low-interaction IoT devices of various types and locations gives a clear idea of why actors target specific devices. More specifically, the honeypot was meant to create a sufficiently diverse ecosystem and cluster the generated data Read more…
‘Hack DHS’ Bug Bounty Program Expands to Log4j Security Flaws The Department of Homeland Security (DHS) has announced that the ‘Hack DHS’ program is now also open to bug bounty hunters willing to track down DHS systems impacted by Log4j vulnerabilities. “In response to the recently discovered log4j vulnerabilities, @DHSgov  is Read more…
Rideshare Account Hacker Faces up to 22 years in Prison A man pleaded guilty to fraudulently opening rideshare and delivery service accounts using stolen identity information sold on dark web marketplaces. Flavio Candido da Silva, 36, resident of Malden, Massachusetts, has pleaded guilty to one count of conspiracy to commit Read more…
Microsoft Azure App Service flaw Exposed Customer Source Code A security flaw found in Azure App Service, a Microsoft-managed platform for building and hosting web apps, led to the exposure of PHP, Node, Python, Ruby, or Java customer source code for at least four years, since 2017. Only Azure App Service Linux customers were Read more…
Opera Browser Working on Clipboard Anti-hijacking Feature The Opera browser team is working on a new clipboard monitoring and protection system called Paste Protection, which aims to prevent content hijacking and snooping. Opera introduced the new feature in development version 83, and Bleeping Computer has tested it on developer version Read more…
Microsoft Teams Bug Allowing Phishing Unpatched Since March Microsoft said it won’t fix or is delaying patches for several security flaws impacting Microsoft Teams’ link preview feature reported since March 2021. German IT security consultancy firm Positive Security’s co-founder Fabian Bräunlein discovered four vulnerabilities leading to Server-Side Request Forgery (SSRF), Read more…
Dridex Malware Trolls Employees with Fake Job Termination Emails A new Dridex malware phishing campaign is using fake employee termination emails as a lure to open a malicious Excel document, which then trolls the victim with a season’s greeting message. Dridex is a banking malware spread through malicious emails that Read more…
NVIDIA Discloses Applications Impacted by Log4j Vulnerability NVIDIA has released a security advisory detailing what products are affected by the Log4Shell vulnerability that is currently exploited in a wide range of attacks worldwide. Also Read: How COVID-19 Contact Tracing in Singapore Applies at Workplace After a thorough investigation, NVIDIA has Read more…
CISA Releases Apache Log4j Scanner to Find Vulnerable Apps The Cybersecurity and Infrastructure Security Agency (CISA) has announced the release of a scanner for identifying web services impacted by two Apache Log4j remote code execution vulnerabilities, tracked as CVE-2021-44228 and CVE-2021-45046. “log4j-scanner is a project derived from other members of the open-source Read more…
Major Services Including Slack, AWS, Hulu, Imgur Facing Outages Major services across the internet are currently facing ongoing networking outages. Popular sites and apps can’t be reached These services include Amazon, AWS, Hulu, Slack, Imgur, Asana, Grindr, Scruff, HubSpot, Zendesk, among other popular sites and services. Also Read: What a Vulnerability Assessment Read more…
Let us help you out.
Singapore
7 Temasek Boulevard
#12-07, Suntec Tower One
Singapore 038987
Thailand
The Royal Place 1
2, 2/399 Mahatlek Luang 1 Alley, Lumphini, Pathum Wan, Bangkok 10330, Thailand
Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!
Click one of our contacts below to chat on WhatsApp
