Silensec Newsletter

Category: News

Top News

Turn Off FaceTime in Apple iOS Now! Experts Warn!

Apple has temporarily disabled its Group FaceTime feature in iOS and macOS to fix a major security flaw. The bug allows anyone to call a phone or Mac and listen in before the other person picks up.

The flaw works by adding yourself to a FaceTime call before the recipient picks up, tricking FaceTime into thinking it's an active call and forcing the person you're actually calling to start transmitting audio.

Read more...

FBI mapping 'Joanap Malware' victims to disrupt the North Korean botnet

The US DoJ announced Wednesday its effort to "map and further disrupt" a botnet tied to North Korea that has infected numerous Microsoft Windows computers across the globe over the last decade.

Dubbed Joanap, the botnet is believed to be part of "Hidden Cobra"- an APT actors' group often known as Lazarus Group and Guardians of Peace and backed by the North Korean government.

Read more...

Major Hacks of the Week

US intelligence warns of Russian cyber attacks to interfere in the Ukrainian elections

It has long been known about Moscow's plans to influence the results of the presidential election in Ukraine. In recent years, Western countries have a new tradition of accusing Russia of such interference.

In the National Intelligence Agency of the USA believes that Russia will use cybertechnology for interference in the presidential election in Ukraine. This was stated by the Head of the National Intelligence Agency Dan Coats at the hearings in the US Senate Intelligence Committee.

Read more...

Security firm identifies hacker behind Collection 1 leak

According to security researcher, Catalin Cimpanu, the hacker who assembled and then sold a massive collection of email addresses and passwords known as Collection #1, has been identified.

The security experts believe a hacker going online by the pseudonym of “C0rpz” is the person who rigorously and meticulously collected billions of user records over the past three years. This includes records from companies that were hacked in the past and whose data was posted or sold online.

Read more...

Major Vulnerabilities Disclosed

Cloud infrastructure experiencing increasing attacks due to vulnerability

Attackers are increasingly targeting vulnerable cloud infrastructure to exploit it for covert cryptojacking or to deliver ransomware.

Some attacks are fairly trivial, but others are multi-vector/multi-platform threats where multiple functionalities are combined as part of the same malicious threat (e.g., XBash, which combines cryptomining, ransomware and botnet/worm activity).

Read more...

New Exploit Threatens over 9,000 hackable Cisco RV320/RV325 routers worldwide

If the connectivity and security of your organization rely on Cisco RV320 or RV325 Dual Gigabit WAN VPN routers, then you need to immediately install the latest firmware update released by the vendor last week.

Cyberattackers have actively been exploiting two newly patched high-severity router vulnerabilities in the wild after a security researcher released their proof-of-concept exploit code.

Read more...

WE ARE HIRING: Senior Penetration Tester

We at Silensec are looking to hire a Senior Penetration Tester! Do You think you have Top-Notch Pentest skills?

1200by716px_WeAreHiring_SeniorPenetrationTester_3rd_revision.jpg

"Silensec is an equal opportunity employer and all qualified persons are encouraged to apply"

APPLY NOW...

Legal, Regulatory and Corporate
Security and Beyond

Apple's iCloud might have suffered a privacy breach late last year! Shhhhh!

Late last year, Facebook, Twitter and Google fell victim to an unknown group of hackers who stole secret access to millions accounts by taking advantage of a flaw here or a bug there in the website/social media pages.

It turns out that Apple also possibly suffered a privacy breach late last year due to a bug in its platform that might have exposed some of iCloud data, but the company chose to keep the incident secret.

Read more...

Aztarna - the open-source scanning tool for vulnerable robots

A group of experts working a startup focused on robot cybersecurity has released a free, open-source framework dubbed Aztarna that could be used find vulnerable robots that could have been exposed online or inside an industrial environment.

Read more...

Security Awareness Tip
 

Keep a record of the data you hold- You are legally required to keep a record of the personal data you hold as well as where and when you acquired the data, and whoever you may have shared the data with.

Records of your processing data will need to be maintained, which will help you comply with the GDPR's accountability principle. This requires a company to show proof of how they comply with the data protection principles.

Silensec Editorial Team

Editor: Dr. Almerindo Graziano
Dr. Graziano is the Silensec CEO. He holds an MSc in Electronic Engineering and a PhD in Mobile Computer Security, both from the University of Naples, Italy. Dr. Graziano has consulted in information security for private and government organisations across Europe, Africa and Middle East over the last 15 years. He is also a BSI-certified ISO27001 Lead Auditor trainer and auditor

Vice Editor: George Nicolaou (BSc, MSc)
George Nicolaou (BSc, MSc) leads the Silensec Malware Analysis Lab (MAL). He received his BSc in Computer Science and MSc in Advanced Computing Security from the University of Bath in UK, where he pursued research in malware and vulnerability analysis. For many years George has also been the Head of Research and Development department of the Astalavista Security Community. George is also a frequent speaker at security conferences around the world on advanced malware analysis, reverse engineering and exploit development techniques.

Digital Editor: Salome Omondi (B.Com)
Salome Omondi leads the Silensec Marketing Department. She holds a Bachelors of Commerce and Management from Strathmore University. Miss Omondi publishes the weekly Silensec Newsletter, keeping you up to date with the latest infosec news as well as improving information security awareness.


Please feel free to share this with interested parties via email, and social media. For a free subscription, please subscribe to our Mailing list and feed-image Feed .

For any questions please click on the following contact us link

Silensec Cyprus HQ

Silensec Africa

Feel free to contact us if you have any problems.

Silensec UK

Feel free to contact us if you have any problems.

News Feed