April 24, 2022

Animated QR codes: How do they Work, and how to Create your Own? Two-dimensional (2D) barcodes, more prominently recognized as QR codes, are back in fashion—with much demand for just about ‘contactless’ everything these days. Coinbase didn’t waste time in seizing this opportunity either: its genius Superbowl 2022 TV ad was nothing but a mysterious QR Read more…

‘Hack DHS’ Bug Hunters Find 122 Security Flaws in DHS Systems The Department of Homeland Security (DHS) today revealed that bug bounty hunters enrolled in its ‘Hack DHS’ bug bounty program have found 122 security vulnerabilities in external DHS systems, 27 of them rated critical severity. DHS awarded a total Read more…

Russian Hackers are Seeking Alternative Money-laundering Options The Russian cybercrime community, one of the most active and prolific in the world, is turning to alternative money-laundering methods due to sanctions on Russia and law enforcement actions against dark web markets. Although the options are few, cybecriminals are discussing viable solutions to cash Read more…

US Govt Grants Academics $12M to Develop Cyberattack Defense Tools The US Department of Energy (DOE) has announced that it will provide $12 million in funding to six university teams to develop defense and mitigation tools to protect US energy delivery systems from cyberattacks. Cybersecurity tools developed as a result Read more…

T-Mobile Confirms Lapsus$ Hackers Breached Internal Systems T-Mobile has confirmed that the Lapsus$ extortion gang breached its network “several weeks ago” using stolen credentials and gained access to internal systems. The telecommunications company added that it severed the cybercrime group’s access to its network and disabled the credentials used in the Read more…

Chinese Hackers Behind Most Zero-day Exploits During 2021 Threat analysts report that zero-day vulnerability exploitation is on the rise, with Chinese hackers using most of them in attacks last year. Zero-day vulnerabilities are security weaknesses in software products that are either unknown or have not been fixed at the time Read more…

Atlassian Fixes Critical Jira Authentication Bypass Vulnerability Atlassian has published a security advisory to alert that its Jira and Jira Service Management products are affected by a critical authentication bypass vulnerability in Seraph, the company’s web application security framework. Seraph is used in Jira and Confluence for handling all login and logout Read more…

Ubuntu 22.04 LTS Released with Performance and Security Improvements Canonical has announced the general availability of version 22.04 of the Ubuntu Linux distribution, codenamed ‘Jammy Jellyfish’, which brings better hardware support and an improved security baseline. Ubuntu is the world’s most popular Linux distribution for consumers. It focuses on ease of Read more…

Docker Servers Hacked in Ongoing Cryptomining Malware Campaign Docker APIs on Linux servers are being targeted by a large-scale Monero crypto-mining campaign from the operators of the Lemon_Duck botnet. Cryptomining gangs are a constant threat to poorly secured or misconfigured Docker systems, with multiple mass-exploitation campaigns reported in recent years. LemonDuck, in particular, Read more…