The Breach News

DHS Requested Google to Hand Over Data on Canadian’s Activity and Location Due to Anti-ICE Posts

DHS Targets Canadian Individual for Online Criticism of Immigration Actions Recent developments have surfaced regarding the Department of Homeland Security’s (DHS) efforts to track the location and online activities of a Canadian man who voiced criticism of the Trump administration after the controversial actions of federal immigration agents. This situation…

Read MoreDHS Requested Google to Hand Over Data on Canadian’s Activity and Location Due to Anti-ICE Posts

Experts Identify Security Vulnerability in IBM’s Db2 Data Management Software

Memory Vulnerability Discovered in IBM Db2 Products: A Cybersecurity Concern Recent cybersecurity research has unveiled a significant memory vulnerability within IBM’s Db2 data management suite that could enable local attackers to exploit sensitive data and potentially execute denial of service (DoS) attacks. This flaw, identified as CVE-2020-4414, affects various editions…

Read MoreExperts Identify Security Vulnerability in IBM’s Db2 Data Management Software

Cisco Issues Alert on Active Exploitation of IOS XR Zero-Day Vulnerability

Cisco Warns of Active Zero-Day Vulnerability in Router Software Cisco has issued an urgent alert regarding an active zero-day vulnerability in its router software that is currently being exploited in real-world attacks. This vulnerability could permit a remote, authenticated attacker to execute memory exhaustion attacks on affected devices, thereby compromising…

Read MoreCisco Issues Alert on Active Exploitation of IOS XR Zero-Day Vulnerability

Identifying and Mitigating the Critical ZeroLogon Vulnerability in Windows Server

In the realm of cybersecurity, administrators of Windows Server systems must prioritize the installation of recent Microsoft patches, particularly one that addresses a critical vulnerability enabling unauthorized access to domain controllers. Identified as “Zerologon” (CVE-2020-1472) and unveiled by Tom Tervoort of Secura, this privilege escalation vulnerability arises from inadequate AES-CFB8…

Read MoreIdentifying and Mitigating the Critical ZeroLogon Vulnerability in Windows Server

Researchers Identify Developers Behind Exploits Used by Multiple Malware Authors

Recent developments in cybersecurity research have shed light on the complex world of malware development, emphasizing how it often involves collaboration among specialized individuals. This collaborative effort raises the question of whether the code produced carries fingerprints that could potentially identify the authors behind it. On Friday, cybersecurity researchers introduced…

Read MoreResearchers Identify Developers Behind Exploits Used by Multiple Malware Authors

New Vulnerabilities Discovered in Leading Antivirus Software Could Increase Computer Risks

Security Vulnerabilities Discovered in Popular Antivirus Solutions, Risking System Integrity Cybersecurity experts have recently uncovered significant security vulnerabilities in widely-used antivirus software, potentially allowing attackers to escalate privileges and solidify malware presence on compromised systems. A report from CyberArk researcher Eran Shimony, shared with The Hacker News, highlights the critical…

Read MoreNew Vulnerabilities Discovered in Leading Antivirus Software Could Increase Computer Risks

Widely Used Mobile Browsers Susceptible to Address Bar Spoofing Attacks

Graphic for illustration On Tuesday, cybersecurity researchers unveiled a significant address bar spoofing vulnerability that impacts various mobile browsers, including Apple Safari and Opera Touch. This flaw poses a substantial risk, enabling attackers to launch spear-phishing campaigns and disseminate malware. Other affected browsers include UCWeb, Yandex Browser, Bolt Browser, and…

Read MoreWidely Used Mobile Browsers Susceptible to Address Bar Spoofing Attacks