A popular gaming platform used by hundreds of millions of people worldwide has been found vulnerable to multiple security flaws that could have allowed remote hackers to takeover players' accounts and steal sensitive data.The vulnerabilities in question reside in the "Origin" digital distribution platform developed by Electronic Arts (EA)—the world's second-largest gaming … [Read more...] about Account Takeover Vulnerability Found in Popular EA Games Origin Platform
web applications
‘Legit Apps Turned into Spyware’ Targeting Android Users in Middle East
Cybersecurity researchers are warning about an ongoing Android malware campaign that has been active since 2016 and was first publicly reported in August 2018.Dubbed "ViceLeaker" by researchers at Kaspersky, the campaign has recently been found targeting Israeli citizens and some other middle eastern countries with a powerful surveillance malware designed to steal almost all … [Read more...] about ‘Legit Apps Turned into Spyware’ Targeting Android Users in Middle East
Microsoft Adds 2FA-Protected “Personal Vault” Within OneDrive Cloud Storage
Microsoft has introduced a new password-protected folder within its OneDrive online file storage service that will allow you to keep your sensitive and important files protected and secured with an extra layer of authentication.Dubbed Personal Vault, the new OneDrive folder can only be accessed with an additional step of identity verification, such as your fingerprint, face, … [Read more...] about Microsoft Adds 2FA-Protected “Personal Vault” Within OneDrive Cloud Storage
New Mac Malware Exploits GateKeeper Bypass Bug that Apple Left Unpatched
Cybersecurity researchers from Intego are warning about possible active exploitation of an unpatched security vulnerability in Apple's macOS Gatekeeper security feature details and PoC for which were publicly disclosed late last month.Intego team last week discovered four samples of new macOS malware on VirusTotal that leverage the GateKeeper bypass vulnerability to execute … [Read more...] about New Mac Malware Exploits GateKeeper Bypass Bug that Apple Left Unpatched
Important Flaw in Outlook App for Android Affects Over 100 Millions Users
Update (22 July 2019) — More technical details and proof-of-concept for the OutLook for Android vulnerability has been released that we have covered in a separate article here.Microsoft today released an updated version of its "Outlook for Android" that patches an important security vulnerability in the popular email app that is currently being used over 100 million … [Read more...] about Important Flaw in Outlook App for Android Affects Over 100 Millions Users
OpenSSH Now Encrypts Secret Keys in Memory Against Side-Channel Attacks
In recent years, several groups of cybersecurity researchers have disclosed dozens of memory side-channel vulnerabilities in modern processors and DRAMs, like Rowhammer, RAMBleed, Spectre, and Meltdown.Have you ever noticed they all had at least one thing in common?That's OpenSSH.As a proof-of-concept, many researchers demonstrated their side-channel attacks against OpenSSH … [Read more...] about OpenSSH Now Encrypts Secret Keys in Memory Against Side-Channel Attacks
PoC Released for Outlook Flaw that Microsoft Patched 6 Month After Discovery
As we reported two days ago, Microsoft this week released an updated version of its Outlook app for Android that patches a severe remote code execution vulnerability (CVE-2019-1105) that impacted over 100 million users.However, at that time, very few details of the flaw were available in the advisory, which just revealed that the earlier versions of the email app contained a … [Read more...] about PoC Released for Outlook Flaw that Microsoft Patched 6 Month After Discovery
Beware! Playing Untrusted Videos On VLC Player Could Hack Your Computer
If you use VLC media player on your computer and haven't updated it recently, don't you even dare to play any untrusted, randomly downloaded video file on it.Doing so could allow hackers to remotely take full control over your computer system.That's because VLC media player software versions prior to 3.0.7 contain two high-risk security vulnerabilities, besides many other … [Read more...] about Beware! Playing Untrusted Videos On VLC Player Could Hack Your Computer
MongoDB 4.2 Introduces End-to-End Field Level Encryption for Databases
At its developer conference held earlier this week in New York, the MongoDB team announced the latest version of its database management software that includes a variety of advanced features, including Field Level Encryption, Distributed Transactions, and Wildcard Indexes.The newly introduced Field Level Encryption (FLE), which will be available in the upcoming MongoDB 4.2 … [Read more...] about MongoDB 4.2 Introduces End-to-End Field Level Encryption for Databases
Gain the Trust of Your Business Customers With SOC 2 Compliance
In today's business environment, data is what matters most. It matters to organizations that monetize it into operational insights and optimisations, and it matters the threat actors that relentlessly seek to achieve similar monetisation by compromising it.In the very common scenario in which organisation A provides services to organization B, it’s imperative for the latter to … [Read more...] about Gain the Trust of Your Business Customers With SOC 2 Compliance