Day: November 25, 2021

Hexaware partners with DataRobot to accelerate AI initiatives for businesses

Hexaware announced it has partnered with DataRobot to empower businesses across industries to accelerate their AI initiatives, helping drive business impact at scale. Despite the incredible benefits AI can offer to organizations, industry reports state that only 14.6% of firms have deployed AI capabilities in production. The DataRobot and Hexaware partnership enables institutions to break …

Hexaware partners with DataRobot to accelerate AI initiatives for businesses Read More »

Massive data breach at Pakistan: every single citizen affeced

A report by Pakistani Federal Investigation Agency notes that a database containing the information of all citizens was compromised in a cybersecurity incident. Federal agents say threat actors have used the exposed information to illegally obtain SIM cards. The National Database and Registration Authority (NADRA), responsible for safeguarding this information, notified the federal agency about …

Massive data breach at Pakistan: every single citizen affeced Read More »

[webapps] Bagisto 1.3.3 – Client-Side Template Injection

# Exploit Title: Bagisto 1.3.3 – Client-Side Template Injection # Date: 11-25-2021 # Exploit Author: Mohamed Abdellatif Jaber # Vendor Homepage: https://bagisto.com/en/ # Software Link: https://github.com/bagisto/bagisto # Version: v1.3.3 # Tested on: [windows | chrome | firefox ] Exploit :. 1- register an account and login your account 2- go to your profile and edit …

[webapps] Bagisto 1.3.3 – Client-Side Template Injection Read More »

Tardigrade: The new malware that only targets medicine and vaccine manufacturing plants

According to the Bioeconomy Information Sharing and Analysis Center (BIO-ISAC), multiple facilities dedicated to the manufacture and development of drugs are being attacked by a new malware variant that seems to have very specific targets in the industry. According to the report, the first infection of the malware, known as Tardigrade, was detected in early …

Tardigrade: The new malware that only targets medicine and vaccine manufacturing plants Read More »

Firm that breached Instagram’s privacy rules ordered to pay $24 million in class-action ruling

Keith Fraser reports: A B.C. judge has certified a class-action lawsuit against a company that breached Instagram’s privacy policies in connection with nearly 2.4 million Instagram users in Canada. The firm has been ordered to pay more than $24 million in damages. The allegation in the court case was that Hyp3r Inc., a U.S.-based marketing …

Firm that breached Instagram’s privacy rules ordered to pay $24 million in class-action ruling Read More »

Overview of Legislations on Cybersecurity, Personal Data Protection and Computer Misuse

The Cyber Security Agency of Singapore (CSA) had collaborated with the PDPC and Singapore Police Force (SPF) to develop a handbook covering an overview of the Cybersecurity Act, Computer Misuse Act and Personal Data Protection Act. The handbook explains the three different legislations and how they work in tandem, illustrated through examples of data breaches. …

Overview of Legislations on Cybersecurity, Personal Data Protection and Computer Misuse Read More »

New Linux CronRAT hides in cron jobs to evade detection in Magecart attacks

Security researchers discovered a new Linux RAT, tracked as CronRAT, that hides in scheduled cron jobs to avoid detection. Security researchers from Sansec have discovered a new Linux remote access trojan (RAT), tracked as CronRAT, that hides in the Linux task scheduling system (cron) on February 31st. Threat actors hides the malware in the task names, …

New Linux CronRAT hides in cron jobs to evade detection in Magecart attacks Read More »

China’s top policymaking body charts plan for science and technology ‘self-sufficiency’

China’s top policymaking body, the Central Comprehensively Deepening Reforms Commission, approved a plan on Wednesday for developing homegrown science and technology with an eye toward helping China achieve “self-sufficiency and self-empowerment in technology.” According to a summary of Xi’s comments at the meeting released by the state-run Xinhua News Agency, the Chinese leader said that …

China’s top policymaking body charts plan for science and technology ‘self-sufficiency’ Read More »

Nanobrok – Web Service For Control And Protect Your Android Device Remotely

Web Service write in Python for control and protect your android device remotely.  The official app can be found on the PlayStore: NanobrokProNanobrok CommunityOverview Nanobrok-Server is powerful opensource webservice for control and protect your android device, written in Python, that allow and offer a stable and security connection with your android device for protect , …

Nanobrok – Web Service For Control And Protect Your Android Device Remotely Read More »

Introducing FFIEC Maturity Assessment Support

We all know financial institutions and credit unions need to be cyber secure. That’s not a surprise to anyone in 2021. But cybersecurity is a moving target and is often difficult to establish in organizations with numerous departments, processes and vendors. That’s why the Federal Financial Institutions Examination Council (FFIEC) built the Cybersecurity Maturity Assessment. …

Introducing FFIEC Maturity Assessment Support Read More »

UK government transport website caught showing porn

One of the websites of the UK Department for Transport (DfT) was caught serving porn today. The particular DfT subdomain behind the mishap, on most days, provides vital DfT statistics for the public and the department’s business plan. A very British thanksgiving The UK DfT’s charts.dft.gov.uk website was seen serving porn today, as confirmed by BleepingComputer. In the past, the Charts …

UK government transport website caught showing porn Read More »

How cybercriminals adjusted their scams for Black Friday 2021

Black Friday is approaching, and cybercriminals are honing their malware droppers, phishing lures, and fake sites while shoppers prepare to open their wallets. As researchers at Kaspersky point out, scammers are already targeting people with fake tickets for the FIFA World Cup 2022. The security firm shared a detailed report highlighting the most common threats expected to …

How cybercriminals adjusted their scams for Black Friday 2021 Read More »

New research: Millions of Huawei smartphones are inflected with malware

Specialists from the security firm Dr Web report the detection of multiple applications infected with malware in AppGallery, the official application store for Huawei devices. The apps are infected with Android.Cynos.7.origin, a variant of the well-known Cynos Trojan, and have been installed more than 9 million times. It is worth noting that Huawei launched AppGallery …

New research: Millions of Huawei smartphones are inflected with malware Read More »

UK government bans IoT devices companies to use default passwords for configuring devices

The British parliament has approved a new provision that will ban the use of universal default passwords for Internet of Things (IoT) devices, which is expected to mitigate the risk of cyberattacks related to factory reset. This new bill, known as the Product Security and Telecommunications Infrastructure Bill (PSTI), requires tech companies to use unique …

UK government bans IoT devices companies to use default passwords for configuring devices Read More »

Philippines: Personal data of 22,000 S&R members compromised in cyberattack

Security In a statement, NPC confirmed the receipt of a breach notification report on November 15 from S&R Membership Shopping concerning a cyberattack “that may have compromised its members’ personal data.” In a statement, NPC confirmed the receipt of a breach notification report on November 15 from S&R Membership Shopping concerning a cyberattack “that may …

Philippines: Personal data of 22,000 S&R members compromised in cyberattack Read More »

Philippines: Personal data of 22,000 S&R members compromised in cyberattack

Security In a statement, NPC confirmed the receipt of a breach notification report on November 15 from S&R Membership Shopping concerning a cyberattack “that may have compromised its members’ personal data.” In a statement, NPC confirmed the receipt of a breach notification report on November 15 from S&R Membership Shopping concerning a cyberattack “that may …

Philippines: Personal data of 22,000 S&R members compromised in cyberattack Read More »