News

Valve, a game developer, has recently fixed 4 critical bugs in its Stream game platform. If these flaws were exploited, they could have allowed users to attack their opponent remotely, crashing their opponent's game client. The Stream service has over 25 million users, acting as a platform for popular games such as Counter Strike: Global Offensive, Dota2 and Half Life. On Thursday the vulnerabilities were discovered in the network library of Stream, also know as...

Glassdoor, a platform for posting anonymous company reviews and job hunting, has recently fixed a critical issue that could have been exploited by bad actors to take over accounts.  The bug bounty researcher "Tabahi (https://twitter.com/_tabahi) "  discovered the vulnerability and described it as a site-wide cross-site request forgery (CSRF) bug with an estimated severity score of 9 - 10. A token, gdToken, was in use on the Glassdoors website to prevent CSRF from occurring on...

The dawn of 5G technology is upon us and this new wireless power promises to be a superior successor to 4G networks. With more devices connecting to more data, both enterprises and the general consumer will greatly benefit from 5G’s arrival. But how ready are businesses for this new era in connectivity and how secure is 5G?   AT&T Cybersecurity has just released its tenth Cybersecurity Insights Report: 5G and the Journey to the Edge,...

Netgain, the cloud hosting and IT services provider has been forced to take a number of their data centres offline following a ransomware attack in November. Netgain is a technology company that provides hosting and cloud IT solutions, such as desktop-as-a-service environments and managed IT services, to companies in accounting and healthcare sectors. In a series of emails sent to customers, Netgain stated that they had fallen victim to a ransomware attack on November 24th,...

The Israeli cybersecurity firm Cybereason has recently announced that it has uncovered an active effort to control the computers and steal data belonging to Facebook, Google Docs, Dropbox, and Simplenote users. Cybereason has attributed the campaign to the Arab group 'Molerats', who also go by the name ‘The Gaza Cybergang,’ who have been operating in the Middle East since 2012. According to the cybersecurity firm, “this latest campaign leverages two previously unidentified backdoors dubbed SharpStage...

The online fraud prevention company, Bolster, has reported that in November they saw an increase in new websites related to gift card fraud, with a rate of more than 220 fraud cases per day. The research team noted that Target's balance checking page has been one of the most impersonated this holiday season. Some of the spoofing attempts are more credible than others. One fraudster even imitating Target's services to such an extent that most...

FireEye has been the go-to for protection against sophisticated attackers for government agencies and companies around the world for years. However, the cybersecurity firm has recently fallen victim to what they protect against, as FireEye have recently reported that they have been hacked by what are thought to be Russian intelligence agencies exacting revenge. On Tuesday FireEye revealed that their systems had been infiltrated by “a nation with top-tier offensive capabilities.” The firm said that...

In China, one of the most successful enterprises to come from their sharing economy has been power bank rentals. However, police in China are warning that mobile battery packs can be used to spread malware.  On Sunday the Ministry of Public Security's online security department published a warning on their official WeChat account which said that shared power banks can be used to transmit Trojan horses and other forms of malware, with power banks of...

A new smartphone tool which can track live side-effect of those vaccinated with the new American coronavirus vaccine is thought to be vulnerable to manipulation. This has raised concerns that malicious actors could access the tools system in order to undermine confidence in the shots, according to both federal and state health officials. The text-messaging system, V-safe, has been designed to provide early indications of possible adverse reactions to the vaccines. V-safe's messaging program will...

A security bug has been found on the PlayStation Now cloud gaming Windows application which has allowed malicious actors to put arbitrary code on Windows devices which are running vulnerable app versions. PlayStation Now has over 2.2 million subscribers in 2020, with this bug potentially harming a large number of users. A bug bounty hunter, Parsia Hakimian, uncovered the vulnerabilities, discovering that the bug affects PlayStation Now version 11.0.2 and earlier on computers running Windows...