Newsroom

A hand-picked curation of industry news and information, to keep you well informed on all things cyber security

Popular video conferencing app Zoom recently fixed a new security flaw that could have allowed potential attackers to crack the numeric passcode used to secure private meetings on the platform and snoop on participants. Zoom meetings are by default protected by a six-digit numeric password, but according to Tom Anthony, VP Product at SearchPilot who identified the issue, the lack of rate limiting enabled "an attacker...

Read More

A high percentage of discovered bugs remain unremediated for a long time, a new study shows. Chances are high that almost every single application an organisation uses has at least one security vulnerability in it. Contrast Security recently analysed telemetry gathered between June 2019 and May 2020 from applications in development, testing, and operations at customer locations. The exercise found 96% of applications contained at least one...

Read More

Cybersecurity researchers on Thursday revealed security issues in the Android app developed by Chinese drone-maker Da Jiang Innovations (DJI) that comes with an auto-update mechanism that bypasses Google Play Store and could be used to install malicious applications and transmit sensitive personal information to DJI's servers. The twin reports, courtesy of cybersecurity firms Synacktiv and GRIMM, found that DJI's Go 4 Android app not only asks...

Read More

ESET research uncovers a malicious operation that both spies on victims and leaks their data We discovered a new operation within a long-running cyber-espionage campaign in the Middle East. Targeting Android users via the malicious Welcome Chat app, the operation appears to have links to the malware named BadPatch, which MITRE links to the Gaza Hackers threat actor group known also as Molerats. Our analysis shows that...

Read More

If your company allows employees to bring their own computing devices to the workplace – whether they are smartphones, tablets, or laptops – you need a BYOD security policy. Initially, employees used only company-issued devices in the workplace. Today, smartphones and tablets have proliferated in the consumer market to the point that nearly every employee comes to work with their own internet-connected device. This means...

Read More

A zero-day vulnerability has been discovered in Zoom video conferencing software for Windows that could allow an attacker to execute arbitrary code on a victim's computer running Microsoft Windows 7 or older. By the way, if someone is still using Windows 7, they deserve to get hacked, including many organisations without extended support, because it's only a matter of time before they'll be a victim of...

Read More