Security

Pierluigi Paganini November 07, 2024
Canada ordered ByteDance to shut down TikTok operations in the country over security concerns

Canada ordered ByteDance to shut down TikTok operations over security concerns but did not issue a full ban on the platform. The Canadian government ordered ByteDance to wind up TikTok Technology Canada, Inc. over security concerns following a national security review under the Investment Canada Act Canada’s decision to require ByteDance to dissolve the operations of […]

Pierluigi Paganini November 07, 2024
Critical bug in Cisco UWRB access points allows attackers to run commands as root

Cisco fixed a critical flaw in URWB access points, allowing attackers to run root commands, compromising industrial wireless automation security. Cisco has addressed a critical vulnerability, tracked as CVE-2024-20418, that could be exploited by unauthenticated, remote attackers to run commands with root privileges on vulnerable Ultra-Reliable Wireless Backhaul (URWB) access points used for industrial wireless […]

Pierluigi Paganini November 06, 2024
South Korea fined Meta $15.67M for illegally collecting and sharing Facebook users

South Korea fined Meta $15.67M for illegally collecting and sharing Facebook users’ sensitive data, including political views and sexual orientation, with advertisers. South Korea’s data privacy watchdog, Personal Information Protection Commission (PIPC), fined Meta 21.62 billion won ($15.67 million) for illegally collecting sensitive personal information from Facebook users, including data about their political views and […]

Pierluigi Paganini November 06, 2024
Synology fixed critical flaw impacting millions of DiskStation and BeePhotos NAS devices

Synology addressed a critical vulnerability in DiskStation and BeePhotos NAS devices that could lead to remote code execution. Taiwanese vendor Synology has addressed a critical security vulnerability, tracked as CVE-2024-10443, that impacts DiskStation and BeePhotos. An attacker can exploit the flaw without any user interaction and successful exploitation of this flaw could lead to remote […]

Pierluigi Paganini November 05, 2024
U.S. CISA adds PTZOptics camera bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds PTZOptics PT30X-SDI/NDI camera bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: Threat actors are attempting to exploit the two zero-day vulnerabilities CVE-2024-8956 and CVE-2024-8957 in PTZOptics pan-tilt-zoom (PTZ) live streaming cameras, GretNoise researchers warned last week. GreyNoise […]

Pierluigi Paganini November 04, 2024
July 2024 ransomware attack on the City of Columbus impacted 500,000 people

The July 2024 ransomware attack that hit the City of Columbus, Ohio, exposed the personal and financial data of 500,000 individuals. On July 18, 2024, the City of Columbus, Ohio, suffered a cyber attack that impacted the City’s services. On July 29, 2024, the City published an update on the City’s website and confirmed that the […]

Pierluigi Paganini November 04, 2024
Nigerian man Sentenced to 26+ years in real estate phishing scams

Nigerian Kolade Ojelade gets 26 years in U.S. for phishing scams that stole millions by hacking email accounts. A Nigerian national was sentenced to 26 years in prison in the US for stealing millions by compromising the email accounts of real estate businesses. The Nigerian national, Kolade Ojelade, Kolade Akinwale Ojelade (34), a resident of […]

Pierluigi Paganini November 03, 2024
US Election 2024 – FBI warning about fake election videos

US Election 2024 – The FBI warned that two fake videos on X spread false claims of ballot fraud and misinformation about Kamala Harris’s husband. In a post on X on Saturday, the Federal Bureau of Investigation (FBI) said the two videos were spreading rumours about ballot fraud and about Doug Emhoff, the husband of […]

Pierluigi Paganini November 01, 2024
New LightSpy spyware version targets iPhones with destructive capabilities

New LightSpy spyware targets iPhones supporting destructive features that can block compromised devices from booting up. In May 2024, ThreatFabric researchers discovered a macOS version of LightSpy spyware that has been active in the wild since at least January 2024. ThreatFabric observed threat actors using two publicly available exploits (CVE-2018-4233, CVE-2018-4404) to deliver macOS implants. The […]

Pierluigi Paganini November 01, 2024
LottieFiles confirmed a supply chain attack on Lottie-Player

LottieFiles confirmed a supply chain attack on Lottie-Player, and threat actors targeted cryptocurrency wallets to steal funds. LottieFiles confirmed that threat actors have hacked the Lottie-Player software in a supply chain attack. Lottie-Player is a web component from LottieFiles designed to render Lottie animations, which are lightweight, vector-based animations in JSON format. These animations are […]