The most serious of these flaws is CVE-2021-37981, a heap buffer overflow in Skia for which Google awarded a $20,000 prize, according to a Google advisory. Next in line are CVE-2021-37982 (incognito component use-after-free problem) and CVE-2021-37983 (incognito component use-after-free issue) (use-after-free error in Dev Tools). Google claims to have paid a $10,000 bounty for information on each of these issues. CVE-2021-37984 (heap buffer overflow in PDFium) and CVE-2021-37985 (use-after-free in V8) are the two remaining high-severity bugs corrected in this browser release, for which Google paid $7,500 and $5,000, respectively....

Facebook’s Failed Data Breach Crisis Facebook’s data breach crisis has been one of the most highly publicized events in recent history. From March 17 to April 18, 2018, Facebook was the target of a data breach that affected up to 50 million users. The attack involved hackers penetrating Facebook’s systems and stealing user data, including names, contact information, and page likes. Facebook was able to mitigate the impact of the breach by notifying affected users and providing them with detailed instructions on how to protect their information....

As a result, these malicious folks created ransomware programs like CryptoLocker and Bitcryptor that would encrypt files on victims’ computers, leaving them helpless unless they paid a large fee. With Bitcoin maintaining a strong position close to its all-time high, many people are starting to take notice of its value. This naturally gives rise to more hackers to try stealing Bitcoin and other cryptocurrencies from users’ wallets. If you want to avoid becoming the victim of these types of ransomware and hacks, then follow these simple rules....

One of the amazing features of the AirPods that people don’t seem to talk about is their ability to connect to non-Apple devices that accept Bluetooth, such as a ThinkPad or other Lenovo laptop. In this article, I’ll go through how to connect AirPods to a Lenovo laptop, as well as what to do if they refuse to pair. I’ll also show you what you can do if your Lenovo laptop doesn’t have Bluetooth capability and you want to connect your Airpods....

What is malware and how does it work? Malware is a type of malicious software that can infect your computer and cause damage. Malware can come in many different forms, including viruses, Trojan horses, spyware, and worms. Malware can attach itself to files you download or visit on the web, or it can run automatically when you open a file. Malware may send out spam emails, track your online activities, or steal your private information....

We’ve already shown you a few sites that allow you to download videos and playlists, but such sites need you to use other people’s servers, verify the page source, seek for hidden download links, and deal with endless NSFW pop-ups on other people’s domains. Why bother with all that when you can extract a YouTube video quickly and easily with a software package that most people already have on their computer?...

Changing the active partition is a very advanced procedure, so you probably didn’t need the following explanation! Only alter the active partition if that partition contains an operating system; otherwise, your machine will stop running. There are a couple of considerations to keep in mind while declaring a partition as active: In addition to the items listed above, there are a few more things that must be in place for the system to boot....

What is Digital Literacy? The main idea behind digital literacy skills is knowing how to use modern technological devices effectively and in the right way. It has gone a far way from the usual typed books and now includes not just eBooks, but even websites, videos, and social media platforms. In the US, digital literacy has become a highly valuable course, and in many of its states, specific standards for teaching has been created....

At the same time, their portability and capacity can put your information at risk of data loss. Hard drives are fragile, and various physical factors could result in the breakdown of your device, namely, dust, fire, and power fluctuation. So, taking precautionary measures is important when storing your data on external hard drives. In this blog, you’ll find some useful tips to back up and secure your drives from potential threats....

Approximately 90% of all hacked content management systems (CMSs) were WordPress sites that Sucuri investigated and helped fix in 2018. Magento (4.6 %), Joomla (4.3 %), and Drupal (3.7 %) came in a distant second, third, and fourth, according to a report published yesterday by the company. Sucuri experts blamed most hacks on plugin and theme vulnerabilities, misconfiguration issues, and webmasters ‘ lack of maintenance, which often forgot to update their CMS, themes, and plugins....

A group of South Korean academics identified the LTE standard of 36 new vulnerabilities used by tens of thousands of mobile networks and hundreds of millions of users worldwide. The vulnerabilities allow attackers to disrupt mobile base stations; block incoming appeals; disconnect users from a mobile network; send spoofed SMS messages; and eavesdrop. They were discovered and documented in a research paper at the IEEE Symposium on Privacy and Security by the end of May 2019 by a team of four from the Korea Advanced Institute of Science and Technology (KAIST)....

This hacking group is well known for distributing stolen credential as well as for creating and distributing malware or several types of hacking tools. The European Union Organization for Law Enforcement Cooperation, Europol, aims to work with various national police forces and law enforcement agencies on various hacking or software piracy operations. As in recent times, Europol has achieved some significant successes in putting an end to pirated IPTV (Internet Protocol TV) but has now managed to score a bit in different areas as well, such as the hacker universe....

Although the number of malicious mobile software attacks is increasing considerably, only 5,321.142 Malware-sample installation packages were found all year long, down 409,774 compared with statistics for 2017. Threat actors who have decided not only to target mobile users but also to use highly tested methods such as SMS spam, were also ready to experiment with techniques such as DNS hijacking, previously reserved for the attack of desktop platforms. The most popular tools and techniques for attacks in the arsenal of mobile errors were, as detailed in Kaspersky’s report: as a side note, the security company also was able to detect three malicious campaigns run by advanced persisting threat groups, who sniffed messages on their victims ‘ mobile devices on various social networks....

Microsoft has patched two vulnerabilities related to the Adobe Type Manager Library, which are frequently exploited by remote code execution. The library is funded solely by Microsoft despite its name, and Adobe claims it will not risk its customers. The vulnerabilities, as CVE-2020-1020 and CVE-2020-0938, were disclosed several weeks ago by Microsoft, but the company initially offered only a method to discourage use. The tech giant says the vulnerabilities in Windows 10 pcs are less likely to be abused thanks to the protection features of the new iteration of the operating system....

“WiryJMPer is a seemingly ordinary dropper with unusual obfuscation. It uses two benign binaries with superfluous jumps and dead branches sandwiched between the binaries to hide its virtual machine, protecting its Netwire payload,” found Avast researchers Adolf Středa and Luigino Camastra. NetWire (also known as Recam or NetWiredRC) is a Remote Access Trojan (RAT), a Trojan that has been used since 2012 with remote control functionality and a concentrate on keylogging, password robbing, enabling attackers to access and remotely control their pcs....

Charles Onus, 34, was arrested on April 14 in San Francisco for his role in a conspiracy that resulted in the breach of about 5,500 user accounts at an undisclosed human resources and payroll services company in the United States. Onus is accused of using a credential stuffing attack to gain unauthorised access to user accounts at the targeted organisation in 2017 and 2018. According to the indictment, the guy was able to shift approximately $800,000 in payroll cash to prepaid debit cards, some of which he controlled....

The main suspects behind the hack are a hacker group known as the Lazarus Group (or Hidden Cobra), known to have associations with the Pyongyang regime, and known to have targeted banks, financial institutions and cryptocurrency exchanges in recent years. The most recent attack by Lazarus took place at the end of December last year, but came to the public’s attention only after Chilean Senator which has direct links to the networks of all Chilean banks, formally admitted to the hack a day later in a message posted on its website....

The deal offers an imminent foothold for NortonLifeLock in the European industry, where Avira is known to provide nearly 30 million in freemium anti-malware software. Avira reports over 1.5 paying customers and a white label organisation that drives over 500 million supplier smartphones with the software. A topsy-turvy year for Avira, the contract begins. Avira was sold to private equity company Investcorp Technology Partners for $180 million eight months ago and the new transaction is further evidence of restructuring in the anti-malware and threat intelligence market....

This means that now is a great time for aspiring cybersecurity professionals to enter the job market. But how exactly does one go about planning their career in cybersecurity? Below is a quick guide to get you started. Determine the role you want Cybersecurity is home to countless professions. In our ‘Complete Guide to Choosing a Cybersecurity Career’, we note that defining your values, expectations, and needs can help you find the right one....

This threat is even more imminent since most of the world has moved to remote working, and many companies have a large set of employees working from outside the office. The threats may be a little lower for employees working from home on a secure network, but many employees also choose to work on public networks at cafés or coworking spaces. Potential cyber security threats A public internet connection may not be robust enough to prevent cyberattacks, and companies have recognized this threat....