US Senate passes Bill to ban goods produced from Uyghur forced labour

The US Senate on Thursday unanimously passed a Bill banning the import of all goods, including technology, produced in the Chinese region of Xinjiang to penalise the Chinese government for…

Meta removes accounts of spyware company Cytrox after Citizen Lab report on gov't hacks

Citizen Lab has released a new report highlighting widespread government use of the “Predator” spyware from North Macedonian developer Cytrox. Researchers found that Predator was used to attack two people…

Firefox: Ad blockers are 2021's most popular browser extensions

Multiple ad blockers topped Firefox’s list of the most popular and innovative add-on browser extensions of 2021.  Firefox determines which add-ons are “most popular” by calculating their average daily users…

‘Tropic Trooper’ Reemerges to Target Transportation Outfits

Analysts warn that the attack group, now known as ‘Earth Centaur,’ is honing its attacks to go after transportation and government agencies. They’ve been an active threat group since 2011,…

‘PseudoManuscrypt’ Mass Spyware Campaign Targets 35K Systems

It’s similar to Lazarus’s Manuscrypt malware, but the new spyware is splattering itself onto government organizations and ICS in a non-Lazarus-like, untargeted wave of attacks. Researchers have tracked new spyware…

NSO zero-click iMessage exploit hacks iPhone without need to click links

The IT security researchers at Google have declared the NSO zero-click iMessage exploit as “Terrifying.” Google Project Zero’s (GPZ) Ian Beer and Samuel Groß have shared details on a new…

6 life-changing tech habits you need in 2022

This is the year you’re going to go to the gym three times a week, and you’re going to get organized, and you’re going to live life to its fullest,…

Brazil investigates use of staff credentials in cyberattacks against government bodies

Following major cyberattacks against central government bodies in Brazil, initial investigations have found that malicious actors have used civil servant credentials to access systems. The finding is among a series…

The Log4j Vulnerability Is Now Used by State-Backed Hackers

The vulnerability, officially tagged as CVE-2021-44228 and called Log4Shell or LogJam, is an unauthenticated RCE vulnerability that allows total system takeover on systems running Log4j 2.0-beta9 through 2.14.1. What Happened? Nation-state hackers…

NPK: Free tool to crack password hashes with AWS

The NPK tool is an open-source password cracking tool developed by the Coalfire Labs Research and Development team. The initials NPK are inspired by the atomic elements contained within farm…