security news
Kaspersky Discovers Various Malicious Apps Disguising as Bestselling Game Minecraft
Sourced from Stuff. Recognised as the world’s top-selling game of all time, Minecraft attracts the attention of enthusiastic players around the world but also draws the interest of fraudsters. Earlier, Kaspersky researchers discovered more than 20 applications advertised on app stores offering additional Minecraft features. Though these malicious apps were deleted from official stores, Kaspersky experts have found newly developed ones, which exploit the game to further fraudster’s objectives. Malware on Google Play Store Kaspersky researchers analysed various apps, including those which are available for download on the Google Play store and claimed to be modpacks (user-created packages with additional gameplay elements) for the game. As a result, the company’s experts found various malici...
Vulnerabilities in Windows and Chrome Used in Series of Highly Targetted Attacks
In April, Kaspersky experts discovered a number of highly targeted attacks against multiple companies utilising a previously undiscovered chain of Google Chrome and Microsoft Windows zero-day exploits. One of the exploits was used for remote code execution in the Chrome web browser, while the other was an elevation of privilege exploit fine-tuned to target the latest and most prominent builds of Windows 10. The latter exploits two vulnerabilities in the Microsoft Windows OS kernel: Information Disclosure vulnerability CVE-2021-31955 and Elevation of Privilege vulnerability CVE-2021-31956. Microsoft has patched both today as part of Patch Tuesday. Zero-Day Attacks Recent months have seen a wave of advanced threat activity exploiting zero-days on the internet. In mid-April, Kaspersky experts...
Confidential Computing – Why Privacy Should be the Heart of Digital Experiences
Image sourced from Intel. In this past year, the consumer experience came to the forefront. As we faced various stages of lockdowns, we turned to online banking, seeing our doctors remotely, running our businesses using technology and socialising through a screen. Digital interactions became a part of our lives – ever-present and normalised as we navigated changes swept in by this pandemic. As our digital interaction became seamless and permeated through every aspect of our lives, privacy continued to be top of mind. We carried out our lives predominantly online – making many of us more vulnerable to fraudsters. As we navigated living our lives digitally, data theft dominated 2020 as the most common attack in the Middle East and Africa. Across the region, data theft and leaks accounted for...
Security Flaw in Health Startup Exposed User Accounts and Medical Information
Sourced from LogBox. LogBox, a South African medical data startup that claims it is an “absolutely secure” way to replace paper forms and documentation in sharing patient data with doctors, has exposed user accounts and sensitive patient data following a lapse in security. Anurag Sen, a security researcher, found an exposed database belonging to the company. The database contained account access tokens for thousands of LogBox users, which if used would grant full access to the accounts and the information therein of users without even needing to input a password. Sen had reported to LogBox that their database has been exposed, but did not hear back. TechCrunch writes that the database has been pulled offline as soon as it reached out. LogBox’ database leak comes just as the country’s new d...
- 1
- 2
