White House hosts open-source software security summit in light of expansive Log4j flaw

Written by Tim Starks Jan 13, 2022 | CYBERSCOOP Tech giants and federal agencies will meet at the White House on Thursday to discuss open-source software security, a response to…

Facebook Aka Meta Bans Seven Spy-For-Hire Entities

Meta published a report on the 16th of December, named “Threat Report on the Surveillance-for-Hire Industry”, where it announced that it banned six alleged entities and a Chinese law enforcement…

Facebook Bans Spy-for-Hire Firms for Targeting 50K People

Meta, Facebook’s parent company, said that the seven banned actors run fake accounts on its platforms to deceive users and plant malware on targets’ phones. Meta, Facebook’s parent company, has…

Meta removes accounts of spyware company Cytrox after Citizen Lab report on gov't hacks

Citizen Lab has released a new report highlighting widespread government use of the “Predator” spyware from North Macedonian developer Cytrox. Researchers found that Predator was used to attack two people…

Firefox: Ad blockers are 2021's most popular browser extensions

Multiple ad blockers topped Firefox’s list of the most popular and innovative add-on browser extensions of 2021.  Firefox determines which add-ons are “most popular” by calculating their average daily users…

Meta takes down 7 hacking-for-hire operations that targeted 50,000 users

Written by Tonya Riley Dec 16, 2021 | CYBERSCOOP Meta removed seven “surveillance-for-hire” organizations that used Facebook to target at least 50,000 individuals across 100 countries for surveillance operations, some…

NSO zero-click iMessage exploit hacks iPhone without need to click links

The IT security researchers at Google have declared the NSO zero-click iMessage exploit as “Terrifying.” Google Project Zero’s (GPZ) Ian Beer and Samuel Groß have shared details on a new…

The Log4j Vulnerability Is Now Used by State-Backed Hackers

The vulnerability, officially tagged as CVE-2021-44228 and called Log4Shell or LogJam, is an unauthenticated RCE vulnerability that allows total system takeover on systems running Log4j 2.0-beta9 through 2.14.1. What Happened? Nation-state hackers…

Homeland Security Offering $5,000 Bug Bounty to Hack DHS

The program will allow hackers and security researchers to earn between $500 to $5,000 for identifying verified vulnerabilities. The US Department of Homeland Security (DHS) has announced a new bug…

Comprehensive Phishing Study Shows Who Is More Prone to Fall Victim to Phishing Attacks

Researchers from ETH Zurich conducted a study to investigate who is more prone to fall victim to phishing cyberattacks in a corporate context. The study involved 14,733 participants and was…