APIs (application programming interface) are a key part of interoperability and functionality online – but they have to secure: LEGO BrickLink bugs let hackers hijack accounts, breach servers (bleepingcomputer.com) How much are you relying on your web designer to protect your reputation?
Ransomware is never far from the news
Threat actors have been taking advantage of an exploited set of Microsoft credentials to embed ransomware attacks into signed drivers: Microsoft-signed malicious Windows drivers used in ransomware attacks (bleepingcomputer.com) And LockBit got through the cyber security defences of California’s Department of Finance: LockBit claims attack on California’s Department of Finance …
Twitter user data is from an old data breach but Uber’s is a new one!
The vast amount of Twitter user data that has recently been exposed online is from a data breach from 2021, not a new data breach according to Twitter. Twitter confirms recent user data leak is from 2021 breach (bleepingcomputer.com) None of these big tech companies ever give the impression in …
Continue reading “Twitter user data is from an old data breach but Uber’s is a new one!”
Vulnerable and malicious Android apps
There have been several stories this week highlighting issues with Android apps: Compromised Android keys used to sign info-stealing malware • The Register Android malware apps with 2 million installs spotted on Google Play (bleepingcomputer.com) New ‘Zombinder’ platform binds Android malware with legitimate apps (bleepingcomputer.com) I have written about the …
Zerobot malware targets a wide range of vulnerable devices – are your devices on the list?
From online CCTV cameras to popular router modems, Zerobot malware is infecting devices that have not been patched to build a network to carry out distributed denial of service attacks (DDoS). New Zerobot malware has 21 exploits for BIG-IP, Zyxel, D-Link devices (bleepingcomputer.com) The Bleeping Computer article has the details …
