Month: April 2022

Google warns billions of Chrome users of security vulnerabilities

Posted on April 30, 2022 at 11:12 AM Google has issued a warning to billions of Google Chrome users. The warning by the technology company says that users have been targeted by hackers who are looking for ways they can...

/ April 30, 2022

The U.S. Offers $10 Million Reward For Information On 6 Russian Hackers

Posted on April 30, 2022 at 11:05 AM The U.S government has announced a bounty of $10 million to anyone or persons with information about 6 Russian RGU hackers from the infamous Sandworm hacking group. The bounty is part of...

/ April 30, 2022

Indian Govt Orders Organizations to Report Security Breaches Within 6 Hours to CERT-In

India’s computer and emergency response team, CERT-In, on Thursday published new guidelines that require service providers, intermediaries, data centers, and government entities to compulsorily report cybersecurity incidents, including data breaches, within six hours. “Any service provider, intermediary, data center, body...

/ April 30, 2022

Microsoft Documents Over 200 Cyberattacks by Russia Against Ukraine

At least six different Russia-aligned actors launched no less than 237 cyberattacks against Ukraine from February 23 to April 8, including 38 discrete destructive attacks that irrevocably destroyed files in hundreds of systems across dozens of organizations in the country....

/ April 30, 2022

Breast Cancer Charity Exposed Sensitive Images of U.S. Patients

The Ardmore, Pennsylvania-based cancer charity Breastcancer.org suffered a massive data loss impacting thousands of its registered users. The IT security researchers at SafetyDetectives identified a misconfigured Amazon S3 bucket that was left publicly available without any safety protocols in place....

/ April 29, 2022

“Computer malfunction” Caused Death of 27,000 Chickens

A “computer malfunction” in the broiler shed ventilation system caused the death of over 27,000 chickens, while the firm responsible for the incident has been fined over £44,000. The incident occurred at Hose Lodge Farm in Colston Bassett, Nottinghamshire, England...

/ April 29, 2022

Improvements to boost the attack surface view, ports & more

TL/DR: Users now get additional insights on what is discovered on the attack surface. This includes information such as when an asset was last seen and to what extent an asset is exposed online, and much more. The attack surface...

/ April 29, 2022

Microsoft Azure Vulnerability Exposes PostgreSQL Databases to Other Customers

Microsoft on Thursday disclosed that it addressed a pair of issues with the Azure Database for PostgreSQL Flexible Server that could result in unauthorized cross-account database access in a region. “By exploiting an elevated permissions bug in the Flexible Server...

/ April 29, 2022

Elon Musk Wants to Make Twitter DMs End-to-End Encrypted

The CEO of SpaceX and Tesla and the new owner of microblogging and social networking giant Twitter seem to be very impressed by the encrypted instant messaging service Signal. Elon Musk recently acquired Twitter for a whopping $44 billion (US$...

/ April 28, 2022

US and China Exposed Most Databases Among 308,000 Discovered in 2021

In total, 308,000 unsecured databases were found exposing sensitive assets worldwide of which around 90,000 databases have already been identified in the first quarter of 2022, a dramatically higher number than last year. In July 2020, researchers identified over 10,000...

/ April 28, 2022

Twitter’s New Owner Elon Musk Wants DMs to be End-to-End Encrypted like Signal

Elon Musk, CEO of SpaceX and Tesla and Twitter’s new owner, on Thursday called on adding support for end-to-end encryption (E2EE) to the platform’s direct messages (DM) feature. “Twitter DMs should have end to end encryption like Signal, so no...

/ April 28, 2022

A Complete Guide to Perform External Penetration Testing on Your Client Network | Step-by-Step Methods

This write-up walks us through one of my many journeys in my external penetration testing and how I compromised the organization in this write-up. After executing security assessments (e.g. Penetration Testing, Red Teaming, etc.), I make it a habit to...

/ April 28, 2022