Category: security
Amazon EC2 instances under fire from whoAMI attacks potentially giving hackers code execution access
A flaw named WhoAMI was found in Amazon Machine Image It allows threat actors to gain RCE abilities on people’s AWS accounts A fix has been released, but many users are still yet to update Amazon Web Services (AWS) users are potentially vulnerable to a name confusion attack called “whoAMI”,…
Read More
Microsoft Outlook targeted by new malware attacks allowing sneaky hijacking
Security researchers spot new piece of malware called FinalDraft It gets commands from a drafted email It can exfiltrate data, run PowerShell, and more Cybersecurity researchers from Elastic Security Labs have discovered a new piece of malware which abuses draft email messages in Outlook for data exfiltration, PowerShell execution, and…
Read More
Worrying YouTube security flaw exposed billions of user emails
A researcher has discovered a worrying YouTube security vulnerability The flaw allowed outsiders to gain access to all YouTube account emails This has since been patched, so users should update as soon as possible Experts have warned that any email from a YouTube account could be pulled from Google with…
Read More
Zacks Investment hit in data breach – 12 million users potentially at risk
A hacker posted a new thread on an underground forum They claim to have stolen data on 12 million people from Zacks Investment Research Zacks hasn’t responded to media inquiries yet Zacks Investment Research, a financial data, stock research, and analysis company based in Chicago, apparently suffered a cyberattack in…
Read More
Not even emoji are safe from hackers – smiley faces can be hijacked to hide data, study claims
Researcher finds a way to add invisible text to emojis It probably can’t be used for malware…probably It could be used for watermarking or bypassing human moderation A security researcher claims to have discovered a way to hide extra information inside emoji. Paul Butler explained how he experimented with Unicode…
Read More
US, UK crack down on Russian bulletproof hosting service ZServers for LockBit partnership
The US, UK, and Australia, placed sanctions on ZServers and five individuals They are all being linked to the infamous LockBit RaaS Businesses in these countries are not allowed to transact with ZServers or its employees Russia-based bulletproof hosting services provider (BPH) ZServers has been sanctioned by the United States,…
Read More