Secure your applications to avoid over 43% of breaches Did you know the primary applications used by most businesses are web applications (i.e. websites)? Attacks against web applications are attacks on the application layer. Verizon’s 2020 data breach report suggests web applications were involved in 43% of known breaches. Statistics cannot be used to account […]
If you have never experienced a vishing scam, then this is the alert for you. You may want your friends and co-workers to listen too and see if they can spot why it is a scam. Be warned that this can happen with people using any accent from anywhere in the world if they have […]
There is another Android trojan roaming on mobile smartphones known as BlackRock, which can steal card data from more than 337 apps. What makes this trojan unique to other trojan apps, is the number of applications it can steal data from. It can steal usernames and passwords where available as well as prompt users to […]
Users of twitter have been scammed by attackers who took control of well-known people such as Jeff Bezos and Elon Musk. Within 30 minutes, the attackers were supposedly able to gain over £80,000. This was shut down quickly, but a lot of damage had been done. There are 2 issues raised here: Security of twitter […]
Over 40,000 SAP customers need to update to the latest version to mitigate risk from remote unauthenticated attackers obtaining complete access to their SAP database. Although there is no evidence it has been exploited yet, it is only a matter of time before malicious attackers take advantage of this. Don’t let them exploit you! The […]
09
Jul
Jul
“But my phone cannot be hacked!” Phrases like this are far too common and can hold significant consequences. For one, those who believe any device they use is impenetrable are unaware of the threats they face. Historically, these statements have a 100% chance of being wrong and have demonstrated that cyber security is a marathon, […]
This vulnerability gives the CVSS score of 10/10, meaning it could result in unpatched users to be completely compromised. The issue is in the TMUI configuration utility and can be exploited by unauthenticated remote attackers via sending a malicious HTTP request to the vulnerable server. In June, there were over 8000 vulnerable devices that were […]
Over 2,500 vulnerable devices from Geovision have a backdoor due to a weak default password “admin”. This can lead to these devices being remotely compromised. As a best practice, ensure all root passwords are complex and are not set to the default value. Other flaws include allowing unauthenticated attackers to access system logs, using hardcoded […]
Those who are using old D-Link routers might not able to work from home and are opening themselves for malicious attacks. This due to a vulnerability in those D-Link routes that allows attackers to inject commands and cause DoS. Users of those vulnerable old routers won’t be able to upgrade its firmware as it’s no […]
29
Apr
Apr
Social engineering can be summed up as hacking the human. Simply put it is the action of leveraging human frailty – our reaction to urgency, to compliance with perceived figures of authority, to taking information at face value – and using it against us as a way of eliciting information or performing unauthorised actions. Social […]
- 1
- 2