Hackers Can Now Bypass PIN Codes on Mastercard and Maestro Contactless Cards

Contacless Mastercard and Maestro PINs can be bypasses due to a new vulnerability discovered by Swiss College of Engineering in Zurich, according to Cybersecurity News.  The key aspect of the flaw is that it allows thieves to use a hacked Mastercard or Maestro card to make contactless payments without having to input the PIN to complete the transaction,...

3w

Google, Microsoft To Invest $30B in Cybersecurity

Following sophisticated cyberattacks that targeted critical infrastructure, organizations and governments around the world, Microsoft, Amazon, Apple, IBM and Google pledged to invest a total of $30 billion in cybersecurity advances over the next 5 years, according to The Hacker News.  US plans to develop a framework to improve the supply chain technologies...

3w

Microsoft Warns of Widespread Open Redirects Phishing Attacks

Microsoft issued a warning about a huge phishing campaign that uses open email links to steal credentials, according to The Hacker News. An old idiom advises us to work smart, not hard and nobody applies it better than modern hackers. Using something as common as URLs, threat actors manage to trick numerous users into introducing sensitive information...

3w

Legal Consequences Possible by Cybersecurity Standards Non-Compliance

With an average cost of a data breach reaching an all-time high of $4.24 million, still some companies fail to see the full picture and don't meet modern cybersecurity standards, according to Tripwire.   Despite the fact that online threats are increasing on a daily basis, numerous firms fail to recognize the importance of proper cybersecurity. Interestingly...

3w

Critical Cosmos Database Flaw Affecting Microsoft Azure Customers

Microsoft sent out a warning to thousands of cloud computing customers regarding threat actors that can view, modify, or even delete master databases if they gain access to their systems, according to Reuters. Wiz announced that Microsoft Azure's flagship Cosmos database contain a vulnerability that allows access to keys that control access to the...

3w

Chinese Developers Reveal Android Gamers' Data

A vpnMentor investigation found that a 134 GB server owned by EskyFun is exposed and user data was leaked for game titles such as Metamorph M, The Three Kingdoms Legend, Adventure Story, Rainbow Story, and Fantasy MMORPG. The aforementioned games were downloaded 1.6 million times, whereas the leaked information had more than 365 million records....

3w

Kaspersky: Kanye's Upcoming Album is a Scam Magnet

Cybercriminals are launching a new scam to take advantage of the release of Kanye West's Donda album by distributing malicious fake downloads on the Internet, according to Tech Republic. Cybersecurity firm Kaspersky proactively studied the event to see if threat actors were spreading any malware across the Internet. They emphasized that one of the...

3w

Work from Home Increased Worldwide Phishing Attacks

Over the course of September 2019 to April 2021, Palo Alto Network's Unit 42 monitored firewall traffic and phishing sites detected by URL filters. The number of new phishing pages per week increased significantly when individuals began working from home.  Threat actors improved and intensified their phishing attacks by exploiting remote work environments...

3w

Kaseya Patches New 0-Day Vulnerabilities Affecting Unitrends Servers

Two zero-day vulnerabilities affecting Unitrends backup and continuity service have been patches by Kaseya recently, according to The Hacker News.  Dutch Institute for Vulnerability Disclosure (DIVD) informed that the provider of IT infrastructure management solutions has solved server software bugs 10.5.5-2 reported on August 12. Both vulnerabilities...

3w

Engineering PCs Are Concerning Initial Access Vector in OT Attacks

A new report titled SANS 2021 OT/ICS Cybersecurity Report contains alarming information gathered from 480 individuals in various industries. Organizations that use operational technology (OT) and industrial control systems (ICS) are very concerned about cyber attacks.  The findings highlight the need for businesses to improve the ability to anticipate...

3w