Bombardier Data Breach Bombardier is a Canadian airplane maker having operations in over 12 countries and a fleet of nearly 4,900 aircraft. The company is the latest one being added to the victim’s list of Accellion’s faulty software hack, which had affected tens of companies to date. The list includes SingTel, Fugro, Jones Day, and even the State Auditor office of Washington. Bombardier joins the list as it today hinted to have been affected by the same FTP software as others above....

Sharing Copyrighted Ebooks Online is Illegal There are so many ways to download the copyrighted books in PDF or other formats via the internet. These books are available in so many websites and in torrent sites too. While this has become a common practice, people have started sharing the same on social media platforms. Like minded people or bookworms form a group on platforms like Facebook and share illegal books for free there....

Security Researcher founded a Bug in Safari Browser A security researcher Pawel Wylecial, also a co-founder of Polish security firm REDTEAM.PL has discovered the bug. Earlier, in April, Pawel Wylecial reported about the bug, but there was no solution. So the researcher uploaded the post with his findings. However, the OS maker delayed for fixing the bug. In a blog post, the researcher wrote that the bug stays in Safari’s Web Share API....

Chrome’s New Safe Browsing Features To date, Google has invested in the Chrome browser a lot. Apart from having extensive features for seamless browsing, Chrome is being developed regularly to provide a safer browsing experience. In this pursuit, Google announced Safe Browsing Mode in 2007, and an improved version of it called Enhanced Safe Browsing Mode last year. Under the new Enhanced Safe Browsing Mode, Chrome will take all the measures like notifying users to set strong passwords, informing them about any compromises, blocking unsafe websites, etc....

All the vulnerabilities added now are from 2014 to 2021, with the latest one being a Windows SAM bug, that if exploited would allow anyone to access the core registry files. Though patches or workarounds for all these vulnerabilities are available, system admins are delaying in applying them. Also Read- CISA Listed 17 New Actively Exploited Vulnerabilities CISA Vulnerabilities Catalog The US Cybersecurity & Infrastructure Security Agency has just added a bunch of security vulnerabilities to its growing list Known Exploited Vulnerabilities Catalog, which now has about 367 in total number....

Cloudflare Launched an API Protection Application Programming Interface (API) is simply an interface of an app, that would let others eligible apps to procure data through requests. More specifically, it would act on predefined actions like redirecting the data requests to a designated library. It can be embedded in apps in several ways, like in a standalone app to let internal components communicate with each other, or web-based systems that remain online and process requests from clients like external servers, mobile phones, users, etc....

cPanel Patches a 2FA Flaw cPanel is more like a simple dashboard for hosting accounts. It’s used by a number of companies and users in handling their website’s hosting control panel every day. It’s so popular that, over 70 million domains were launched based on cPanel in the last two decades. And now, it’s reported to have a flaw in its 2FA protocol. Discovered by Digital Defense, a vulnerability and threat management firm, it says the cPanel and WebHost Manager (WHM) has a Two-Factor authentication flaw, that would let an attacker with primary credentials access a user’s account....

Two of the noted vulnerabilities bear a high severity score, as they can let remote hackers escalate privileges in a device without any user interaction. Still, it’s the duty of the Android OEMs to band up these updates and release them for each individual model they sold. Android Security Update For February 2022 Just like Microsoft in Windows, Google releases monthly updates to the Android community to patch any known security vulnerabilities....

Attackers are seen using phishing campaigns to steal credentials and are dumping miners within seconds to start their mining operation. Though Google blocked all the phishing links and malware content hosted in its cloud, it’s suggesting users follow better security practices. Mining in Google Cloud Google Cloud is an online storage service for securely storing customer data and files. This is a remote instance where Google uses data centers with high-performance hardware to store and process requests....

Egregor Ransomware Hits Randstad Randstad is undoubtedly the world’s largest staffing company, with over 38,000 employees across the work and providing HR services for many companies and people. It’s also the owner of the famous employment platform – Monster.com. This week, it’s said to be hit by the Egregor ransomware attack. This was reported by BleepingComputer, who said that Egregor ransomware had leaked 32.7MB of stolen data from Randstad on their site....

There was evidence for infection in at least 35 individuals, with 16 of them having their data stolen from their phones. The threat actors were said to have used two zero-day iOS exploits, which gave them access to the target’s devices and snoop on them. Pegasus Spyware Infecting El Salvadorans The infamous Pegasus spyware from NSO Group has a long list of allegations. The Israeli spyware company has been in the news earlier for selling itself to several governments, to spy on local activists and journalists....

At least 10% were affected Kaspersky’s Cyberthreat group, Securelist made research that revealed, 1 in every 10 Macs (or 10%) out there were infected with this new trojan called Shlayer. The team said, Unlike others, makers of this malware have chosen a new patch for infecting users. They’re betting on trending events or popular shows to create a fake website and push themselves up in search results of the web. And if anyone appealing yo such events visit that site, it prompts them to install additional resources to function....

WordPress Plug-in Vulnerability The Threat Intelligence Team from Wordfence has discovered two vulnerabilities in a WordPress plug-in, which could affect over half a million sites now. The concerned plugin is Facebook for WordPress, made by Facebook. This plug-in is a conversion measurement tool, where if installed, it will be connecting the Facebook Pixel to the WordPress site and records the visitor engagement metrics. This can help marketers know how successful their campaign is and act accordingly later on....

iPhone shows the Apple logo and turns off automatically when it has some hardware problem. It could have endured a fall and the internal circuitry may have taken damage. Also, if the iPhone has run out of charge when you try to switch it on it will show the Apple logo and will turn off. When iPhone users try to install third-party apps via Jailbreak, they end up with this issue....

If the Snapchat video call is not working, it may be due to a bugged version of Snapchat. Integrating third-party apps or providing limited app permission to Snapchat can result in some features not working properly. Read Now | How to Add Music to Snapchat Stories and Snaps Best Ways to Fix Snapchat Video Call not Working on Android and iPhone Let’s get started with the fixing. Best Ways to Fix Snapchat Video Call not Working on Android and iPhone1....

There are many different types of software with the same service, but TeamViewer is preferred by most of the users as it is simple and trustworthy software. I use TeamViewer too as I have some clients who face some basic issues that can be solved easily using a screen sharing. This way, it saves me time, and I don’t have to visit them every time. However, sometimes TeamViewer software gives me an error labeled as Protocol Negotiation Failed....

Simon Weckert, a general Maps user as us, has tried the simplest way to fool Google’s popular product. He put 99 smartphones in a wagon and walked through streets, including Google’s office and created virtual traffic in Maps! He made it such a way that Google believed that there’s traffic congestion in that path and turned red throughout. Which eventually led drivers to avoid this route assuming the traffic, contrary to reality....

As per it, the CEO stated that Google has hired over 10,000 people in Q2 alone this year. But to support important opportunities now, the company is slowing down hiring new people, while the recruitment for critical departments like engineering, technical, etc will continue as usual. Slowing Down The Hiring New People Due to ongoing economic tensions around the world, several tech companies are going on a hiring freeze to cut costs, as one measure....

In ransomware attacks, the hackers will get into victims’ computers and lock all of their data. They provide victims with the decryption key which will unlock all the data again. But in this case, the German programmer Tobias Fromel who was fallen prey for ransomware attack retaliated by releasing 3000 decryption keys along with free software. This revenge hack isn’t legal and Fromel announced the same in his post on Bleeping Computer....

They noted the hackers using container file types like ISO, RAR, and Windows Shortcut (LNK) more than the regular Docx and XLS files, since they’re obsolete now with no macros support. Yet, hackers are put to more struggle with the new file types, as they need support from the target to be compromised. Shifting to Container Files Up until now, a phishing email used to contain a malicious Word or Excel file from hackers that ask the targets to open and enable macros to make it more viewable....