Month: April 2022

Google warns billions of Chrome users of security vulnerabilities
Posted on April 30, 2022 at 11:12 AM Google has issued a warning to billions of Google Chrome users. The warning by the technology company says that users have been targeted by hackers who are looking for ways they can...

The U.S. Offers $10 Million Reward For Information On 6 Russian Hackers
Posted on April 30, 2022 at 11:05 AM The U.S government has announced a bounty of $10 million to anyone or persons with information about 6 Russian RGU hackers from the infamous Sandworm hacking group. The bounty is part of...

Indian Govt Orders Organizations to Report Security Breaches Within 6 Hours to CERT-In
India’s computer and emergency response team, CERT-In, on Thursday published new guidelines that require service providers, intermediaries, data centers, and government entities to compulsorily report cybersecurity incidents, including data breaches, within six hours. “Any service provider, intermediary, data center, body...

Microsoft Documents Over 200 Cyberattacks by Russia Against Ukraine
At least six different Russia-aligned actors launched no less than 237 cyberattacks against Ukraine from February 23 to April 8, including 38 discrete destructive attacks that irrevocably destroyed files in hundreds of systems across dozens of organizations in the country....

Breast Cancer Charity Exposed Sensitive Images of U.S. Patients
The Ardmore, Pennsylvania-based cancer charity Breastcancer.org suffered a massive data loss impacting thousands of its registered users. The IT security researchers at SafetyDetectives identified a misconfigured Amazon S3 bucket that was left publicly available without any safety protocols in place....

“Computer malfunction” Caused Death of 27,000 Chickens
A “computer malfunction” in the broiler shed ventilation system caused the death of over 27,000 chickens, while the firm responsible for the incident has been fined over £44,000. The incident occurred at Hose Lodge Farm in Colston Bassett, Nottinghamshire, England...

Improvements to boost the attack surface view, ports & more
TL/DR: Users now get additional insights on what is discovered on the attack surface. This includes information such as when an asset was last seen and to what extent an asset is exposed online, and much more. The attack surface...

Microsoft Azure Vulnerability Exposes PostgreSQL Databases to Other Customers
Microsoft on Thursday disclosed that it addressed a pair of issues with the Azure Database for PostgreSQL Flexible Server that could result in unauthorized cross-account database access in a region. “By exploiting an elevated permissions bug in the Flexible Server...

Elon Musk Wants to Make Twitter DMs End-to-End Encrypted
The CEO of SpaceX and Tesla and the new owner of microblogging and social networking giant Twitter seem to be very impressed by the encrypted instant messaging service Signal. Elon Musk recently acquired Twitter for a whopping $44 billion (US$...

US and China Exposed Most Databases Among 308,000 Discovered in 2021
In total, 308,000 unsecured databases were found exposing sensitive assets worldwide of which around 90,000 databases have already been identified in the first quarter of 2022, a dramatically higher number than last year. In July 2020, researchers identified over 10,000...

Twitter’s New Owner Elon Musk Wants DMs to be End-to-End Encrypted like Signal
Elon Musk, CEO of SpaceX and Tesla and Twitter’s new owner, on Thursday called on adding support for end-to-end encryption (E2EE) to the platform’s direct messages (DM) feature. “Twitter DMs should have end to end encryption like Signal, so no...

A Complete Guide to Perform External Penetration Testing on Your Client Network | Step-by-Step Methods
This write-up walks us through one of my many journeys in my external penetration testing and how I compromised the organization in this write-up. After executing security assessments (e.g. Penetration Testing, Red Teaming, etc.), I make it a habit to...