Author: Ninad Mishra

Top Software Testing Services

Hackers Using Smart Home Devices To Live Stream Swatting Attacks

The US FBI (Federal Bureau of Investigation) recently stated that the attackers have now started to take control over smart home devices and security systems via breached emails and passwords and are using them to live stream the Swatting events. Swatting is a hoax call (a call made to trick someone for malicious purposes) made…
Read more

US And Canadian Banking Customers Being Targeted By AutoHotKey-Based Credential Stealer

An ongoing campaign initiated in the early 2020s was discovered with bad actors that were distributing a new credential or password stealer which was written in AutoHotKey (AHK) scripting language. AutoHotKey is built and aimed at serving easy shortcut keys for macro-creation and software automation that could allow users of Windows to repeat and automate…
Read more

Malicious Browser Extensions Discovered by Kaspersky Lab and Yandex

A ruinous code was detected in the browser extensions by Kaspersky Lab and Yandex. It is considered that the attackers could have gained access to the accounts in the social networks and would have used them to elevate views on videos around various websites. The malicious code was possibly capable of pulling a lot more…
Read more

Microsoft logo

Microsoft August 2020 New Patch fixes 120 vulnerabilities, two 0-days

Microsoft released its updated version recently for its users. It fixed 120 vulnerabilities in 13 products in this new version. Out of these 120, 17 are rated as most critical. The rate at which Microsoft is patching its vulnerabilities is probably putting a lot of pressure on its CVE team. Out of the patched vulnerabilities so far,…
Read more

GEDmatch Breach: DNA Data of Million Users Exposed

A major breach in GEDmatch led to alterations in the permission setting of all the users. On 19 July, a security breach was reported to the GED officials when an attack was targeted at the server via an existing account. To handle the situation, the site was taken down by the authorities. The breach resulted…
Read more

New credit card attack, Inter skimming kit used in homoglyph attacks

Hackers working for financial motives to extract the credit card information of the users is not new. Several methods are being adopted over the span of time to trick users into giving their details. Further progress has been made in this regard. Malwarebytes has identified a new type of attack used for credit card skimming.  It combines…
Read more

Cybersecurity for International Space Station

A former NASA astronaut Pamela Melroy talked about the cybersecurity issues concerning space based infrastructure at the  Aerospace Village within the DEFCON virtual security conference. She served as pilot on Space Shuttle missions STS-92 and STS-112 and commanded mission STS-120 before leaving the agency in August 2009. The International Space Station (ISS) is a hub of computer systems, and…
Read more

New Research on Speculative Execution Attacks: AMD, Intel, ARM, IBM Processors Vulnerable

There has been a lot of research conducted to determine the root cause of speculative execution attacks against modern processors and as it turns out the recently released research paper by the researchers at the Graz University of Technology explains the exploitation of pre-fetching effect more accurately than the previously published papers. It clearly states that…
Read more

Energy Market Manipulations Using IoT Botnets

The Dark Reading recently interviewed Tohid Shekari, a Ph.D. candidate at Georgia Tech, concerning his work with Raheem Beyah about using the IoT botnets in a stealthy way for manipulating the energy markets.  According to Tohid, IoT botnets have been recently used to attack the auto domains. The attacks started to emerge in the field…
Read more

Latest NSA Guidelines for Limiting Location Data Exposure

The National Security Agency has recently issued an advisory about the threats imposed upon by the exposure of the location data of the users. The report vividly explains how the location data can be accessed via different mediums and what we, as users, can do to ensure minimum data breach.