Spike in Attacks Using Infected USB Drives
Do using USB drivers as an initial infection vector still work today? Well, what is old is new again and security researchers at Mandiant have observed a threefold increase in the number of attacks using infected USB drives to steal secrets. The increase is attributed...Account Takeovers using Evil QR
Logging in via QR code is something that more websites are starting to embrace. Some of those websites include Discord, Telegram, Whatsapp, Steam and Tiktok. Rather than having to enter a username/password in the website, you use the application’s mobile app to...Remote Code Execution Vulnerability Discovered in Popular PDF Software
Popular open-source PDF library, Ghostscript, has been discovered to have a critical vulnerability that allows for remote code execution. The vulnerability is tracked as CVE-2023-3664 and impacts Ghostscript versions prior to 10.01.2. The software is installed by...Critical Infrastructure Service Firm Takes Key System Offline Due to Cyber Attack
Early this week, critical infrastructure services provider, Ventia, took some of its key systems offline to contain a cyber incident. The company provides management, maintenance and operations services for critical infrastructure to more than 400 sites across...NSW Cashless Gaming Trial Terminated Due to Ransomware Attack
The NSW Cashless gambling trial suffered a setback recently when its suffered a cyber-attack. According to the government, Australians have a gambling problem. We spend and lose more money gambling across all formats compared to any other country in the world....Is Your Solar System Compromising Your Home Network?
As more households embrace green energy and install solar panels, they could unknowingly be exposing their home networks. Most of the solar systems include apps which can be used to track the efficiency of your solar generation. Your home solar system would be...Spyware in Google Play Store Stealing Users’ Data
Security researchers have discovered two spyware in the Google Play Store that have been installed by up to 1.5 million users. Both apps are from the same publisher and pose as file management applications. They have similar malicious behaviours such as launching...Mastodon Addresses TootRoot Hijacking Vulnerability
Mastodon, the free and open-source software for running self-hosted social networking services, had recently patched four vulnerabilities. One of those vulnerabilities is the TootRoot vulnerability which has a critical severity rating and is tracked as CVE-2023-36460....