Critical Browser Flaw Exposes Local Networks to Attack via “0.0.0.0”

Aug 16, 2024 | Podcast

https://www.oligo.security/blog/0-0-0-0-day-exploiting-localhost-apis-from-the-browser Cybersecurity researchers have discovered a critical vulnerability affecting all major web browsers (Google Chrome, Mozilla Firefox, Apple Safari) that could allow malicious...

Australian Gold Miner Evolution Hit by Ransomware Attack

Aug 15, 2024 | Podcast

https://evolutionmining.com.au/storage/2024/08/2759355-Cyber-Security-Incident.pdf Evolution Mining, a major Australian gold producer, has been targeted by a ransomware attack impacting its IT systems. The company announced the incident on August 8th, 2024, and...

Trojan Malware Campaign Hijacks Browsers, Steals Data of Over 300,000 Users

Aug 14, 2024 | Podcast

Trojan Infects 300,000 Chrome and Edge Users with Unremovable Extensions Cybersecurity firm ReasonLabs has uncovered a large-scale Trojan malware campaign targeting Google Chrome and Microsoft Edge users. The campaign, active since 2021, has affected over 300,000...

Do Your Applications Have a Software Bill of Materials (SBOM)?

Aug 13, 2024 | Articles, Podcast

“Oh, I didn’t realise we were exposed to <vulnerability> as I didn’t think that application was using <open-source-component>.” I often heard such comments during the initial stages of our application security uplift. There was a lack of visibility on what...

Background Check Company Data Breach Affecting Nearly 3 Billion People

Aug 12, 2024 | Podcast

https://mashable.com/article/background-check-company-breached-3-billion-affected A recent class action lawsuit alleges that background check company Jerico Pictures, operating under the name National Public Data, suffered a data breach earlier this year exposing the...

Hackers Poison Software Updates Through ISP Breach

Aug 8, 2024 | Podcast

StormBamboo Compromises ISP to Abuse Insecure Software Update Mechanisms A sophisticated hacking group, known as StormBamboo, has been caught red-handed deploying malware through a compromised internet service provider (ISP). Security researchers at Volexity uncovered...