Critical vulnerabilities have been identified with company trio Pulse Secure VPN devices, Juniper, and cybersecurity firm SonicWall.
ISBuzz Team
Following media reports that, according to a private cybersecurity firm, Chinese government hackers are believed to have compromised dozens of US government agencies, defense contractors, financial institutions, and other critical sectors, cyber defense experts commented below.
Following the news around MI5 warning 10,000 British officials had been targeted by spies through LinkedIn, experts commented below.
Department for Digital, Culture, Media, and Sport has today published figures that show almost half (49%) of UK consumers have bought at least one smart device since the outbreak of the Covid-19 pandemic in 2020. Computer Weekly reports such products may appear to offer a vast range of benefits, yet many are highly vulnerable to cyber-attacks. “Planned new legislation to address this shortfall in device security will force suppliers to tell users at the point of sale for how long their product will receive security software updates and patches. DCMS said it would now also be putting smartphones in the scope of…
Security researchers have uncovered a batch of Google Play apps that stole users’ text messages and made unauthorized purchases on users’ dime. The malware, which was hidden in eight apps that had more than 700,000 downloads, hijacked SMS message notifications and then made unauthorized purchases, McAfee mobile researchers Sang Ryol Ryu and Chanung Pak said Monday. McAfee is calling the malware Android/Etinu. The researchers said an investigation of the attacker-operated server that controlled infected devices showed it stores all kinds of data from users’ phones, including their mobile carrier, phone number, SMS messages, IP address, country, and network status.
Makers of smart devices including phones, speakers, and doorbells will need to tell UK customers upfront how long a product will be guaranteed to receive vital security updates under groundbreaking plans to protect people from cyber attacks. More on the news here:
The White House said on Tuesday that President Joe Biden’s administration is beginning a 100-day plan to guard critical U.S. electric infrastructure against sophisticated cyber threats. Following the news, please see below comments from Edgard Capdevielle, CEO of Nozomi Networks:
TechCrunch has reported that Geico, the second-largest auto insurer in the U.S., has fixed a security bug that let fraudsters steal customers’ driver’s license numbers from its website. A data breach notice filed with the California attorney general’s office said information gathered from other sources was used to “obtain unauthorized access to your driver’s license number through the online sales system on our website.” According to TechCrunch, Geico did not say how many customers were affected by the breach but said the fraudsters accessed customer driver’s license numbers between January 21 and March 1. Companies are required to alert the…
WhatsApp users have been reporting that they are receiving links that claim to turn the application’s theme from its trademark green to pink. It also promises ‘‘new features” that have not been specified. Cyber experts have warned users to refrain from opening any such link. The concerning part is that the link has been masked as an official update from WhatsApp which is making people oblivious to its malicious intent. If a user clicks on the link, their phones might get hacked and they may even lose access to their Whatsapp account. As is the norm with WhatsApp users, many of them…
Following media reports that hackers who tampered with a software development tool from a company called Codecov used that program to gain restricted access to hundreds of networks belonging to the San Francisco firm’s customers, cybersecurity experts commented below.