6 life-changing tech habits you need in 2022

This is the year you’re going to go to the gym three times a week, and you’re going to get organized, and you’re going to live life to its fullest,…

State-sponsored Threat Actors Steal Airline Data Using the Slack API

Reports show that a recently found backdoor dubbed ‘Aclip’ that exploits the Slack API for covert communications is being used by an alleged Iranian state-sponsored cybercriminal. The malicious actor began…

SAP Kicks Log4Shell Vulnerability Out of 20 Apps

SAP’s still feverishly working to patch another 12 apps vulnerable to the Log4Shell flaw, while its Patch Tuesday release includes 21 other fixes, some rated at 9.9 criticality. SAP has…

Meta targets user information, database scraping in bug bounty expansion

Meta has announced an expansion to its bug bounty platform to include vulnerabilities that can be abused for data scraping.  On Wednesday, the company – recently rebranded from Facebook –…

Anubis Android Malware Is Back and It Is Focusing on Financial Institutions

In a recent malware operation, the Anubis Android banking malware is targeting clients of approximately 400 banking institutions. The cybercriminals are attacking financial institutions, cryptocurrency wallets, and digital payment systems…

A List of Vulnerable Products to the Log4j Vulnerability

Two days ago, we wrote a post about the Log4j vulnerability that is currently wreaking havoc on the cyberthreat landscape. The flaw stands for an open-source Java logging library. By…

Patch Tuesday December 2021 – Microsoft Fixes 67 Flaws, Including 6 Zero-Day Vulnerabilities

December’s Patch Tuesday comes with numerous security fixes and improvements, including two actively exploited zero-day vulnerabilities. The list features spoofing, denial of service, remote code execution, elevation of privilege, and…

IIS Extensible Web Server Used to Steal Microsoft Exchange Credentials

Cybercriminals are installing a new malicious add-on for the IIS web server on Microsoft Exchange Outlook Web Access (OWA) servers to collect login information and remotely perform commands on the…

In 2022, Expect More Supply Chain Pain and Changing Security Roles

If 2021 was the Year of Supply Chain Pain, 2022 will be the Year of Supply Chain Chronic Pain (or something worse than pain). This past year, the pain was…

Apple iOS Update Fixes Cringey iPhone 13 Jailbreak Exploit

It took just 15 seconds to hack the latest, greatest, shiniest iPhone 13 Pro on stage at the Tianfu Cup in October, using a now-fixed iOS kernel bug. As if…