French intel found flaws in Bluetooth Core and Mesh specs
Attackers could exploit a set of Bluetooth vulnerabilities, affecting the Core and Mesh Profile specifications, to conduct man-in-the-middle (MitM) attacks. Researchers at the french intelligence agency ANSSI discovered multiple flaws in the Bluetooth Core and Mesh…
Zeppelin ransomware gang is back after a temporary pause
Operators behind the Zeppelin ransomware-as-a-service (RaaS) have resumed their operations after a temporary interruption. Researchers from BleepingComputer reported that operators behind the Zeppelin ransomware-as-a-service (RaaS), aka Buran, have resumed their…
Contactless Passwordless Auto Login
with the most innovative NFC hardware password manager which received the Global Infosec Awards 2021 By Jacques GASCUEL, CEO of Freemindtronic On a daily basis, every company, regardless of its…
A dozen Android apps exposed data of 100M+ users
Check Point researchers found 23 Android apps that exposed the personal data of more than 100 million users. Security researchers from Check Point have discovered 23 Android applications that exposed…
Housekeeping Pitfalls of Vulnerability Management
By Srinivas Mukkamala, Co-Founder and CEO, RiskSense Vulnerability management doesn’t always get the attention it needs until it’s too late. Vulnerability management is siloed and is slow to adapt to…
Humans Just Can’t Cut it Anymore
By Peter Stephenson, PhD, CISSP (lifetime), FAAFS (2015-16) Let’s face it, folks… when it comes to interdicting and stopping a cyberattack we’re tortoises racing the hare. When the adversary unleashes…
Android stalkerware, a danger for victims and stalkers
ESET research shows that Android stalkerware apps are affected by vulnerabilities that further threaten victims. ESET research reveals that common Android stalkerware apps are affected with vulnerabilities that could expose…
Darkside gang lost control of their servers and funds
The operators of the Darkside ransomware announced that they have lost control of their infrastructure and part of the funds the gang obtained from the victims. Darkside ransomware operators say…
The Case for Open XDR
The current model for cybersecurity is broken. It consists of acquiring and deploying a lot of stand-alone tools, each with its own console, to analyze logs or traffic and detect…
Most of Exim email servers could be hacked by exploiting 21Nails flaws
The maintainers of the Exim email server software addressed a collection of 21 issues, dubbed 21Nails, that can allow attackers to fully compromise mail servers. The maintainers of the Exim…
Experian API exposed credit scores of tens of millions of Americans
Experian API Exposed Credit Scores of Most Americans could have been accessed due to a weakness with a partner website. Experian API exposed credit scores of tens of millions of…
SecOps as a Service; The Future of Cybersecurity
By Manoj Arora, CEO & Founder, Difenda The cybersecurity industry was a different place when I founded Difenda in 2008. I saw the same issue over and over again—companies misled…