Security researchers have discovered a security flaw in Android-based TCL smart TVs, according to PC Mag. A three-month investigation from security researcher “Sick Codes” and Shutterstock application security engineer John Jackson discovered that the file system of TCL smart TV can be assessed over WiFi via an undocumented TCP/IP port.The cybersecurity expert commented below in response to this research.
ISBuzz Team
Following the news that people could be asked to prove they’ve had the COVID vaccine to get into sports events and concerts, please find below a comments from Cybersecurity Expert.
Microsoft Director of Identity Security Alex Weinert advised in “It’s Time to Hang Up on Phone Transports for Authentication” that it’s time to move on from public switched networks for authentication such as SMS and voice call one-time codes, and move to more secure MFA solutions such as app-based authenticators and security keys.
American outdoor recreation retailer The North Face has reset the passwords of some of its customers following a credential stuffing attack launched on October 8 and 9.
Google is bringing Chrome in line with the likes of Safari and Firefox by introducing a security feature that will help to protect users against tab hijacking, according to TechRadar. A technique known as tab-nabbing is used in various attacks, including phishing campaigns that redirect victims to malicious sites, but it can be avoided if websites are coded in a particular way. With Chrome 88, Google is taking steps to offer protection against a particular variant of this threat – an exploit takes advantage of the fact that when a link is opened in a new tab using the attribute…
The immensely popular children’s online playground Animal Jam has suffered a data breach impacting 46 million accounts. This is confirmed when a hacker shared two databases belonging to Animal Jam for free on hacker forum stating it was obtained by ShinyHunters. These databases contain: 46 million player usernames, which are human moderated to make sure they do not contain a child’s proper name.46 million SHA1 hashed passwords.Approximately 7 million email addresses of parents whose children registered for Animal Jam
On October 22, Steelcase was hit with cyberattck as per announcement by Steelcase in a filling with the Securities and Exchange Commission (SEC) on October 27. This is Ryuk ransomware attack that forced Steelcase to shutdown all impacted systems and related operations. Steelcase is the world’s largest office furniture manufacturer with $3.7 billion in revenue in 2020 with almost 13,000 emplyees worldwide and a network of 800 dealers.
For most of us, COVID-19 is a cause of great concern, but for hackers, it is a cause for celebration. Since the beginning of the pandemic, cyber security attacks of all sorts have been on the rise with ransomware attacks being attackers’ favorite. Two independent analyses of the attack vectors used in successful ransomware attacks, carried out by Kroll and Coveware clearly indicate that the most exploited attack vector is Remote Desktop Protocol (RDP) which was used in 47% to 55% of ransomware attacks carried out during the recent years. Other common vectors include email phishing, software vulnerabilities and account…
2020 (ISC)2 Cybersecurity Workforce Study chronicles the resiliency, outlook and perseverance of this growing profession as it faced the unprecedented challenges of the COVID-19 pandemic Clearwater, FL, November 11, 2020 – (ISC)² – the world’s largest nonprofit association of certified cybersecurity professionals – today released the findings of its 2020 Cybersecurity Workforce Study. 3,790 respondents, all of whom dedicate at least 25% of their time to cybersecurity tasks, were surveyed across 14 geographies in order to accurately assess the size of the current cybersecurity workforce and the challenges and opportunities they face. For the first time, the study indicates a…
In response to Microsoft’s new format of Patch Tuesday releases, which removes a lot of critical vulnerability detail that companies rely on to determine the severity of each flaw, Cybersecurity experts has made the following comments.