Netizen Blog and News
The Netizen team sharing expertise, insights and useful information in cybersecurity, compliance, and software assurance.
Category: Data
-
The year 2023 marked a significant surge in phishing attacks targeting cryptocurrency wallets, highlighting the increasing sophistication of cybercriminal activities in the blockchain space. These attacks, impacting a wide range of networks including Ethereum, Binance Smart Chain, Polygon, Avalanche, and nearly 20 others, have led to substantial financial losses, totaling nearly $295 million stolen from…
-
Security vulnerabilities are a constant threat to business operations, making prompt patching crucial. Netizen’s Security Operations Center highlights five critical vulnerabilities from December, emphasizing the need for immediate action. These include issues with Microsoft Power Platform Connector, Google Chrome’s WebRTC framework, Apache Struts, SSH ProxyCommand, and Apache OFBiz. Netizen offers comprehensive security solutions and support.
-
Cryptocurrency wallets, particularly those created between 2011 and 2015, have recently been thrust into the spotlight due to a significant vulnerability known as “Randstorm.” This vulnerability has raised concerns across the cryptocurrency community, highlighting the risks associated with outdated software and insufficient security measures in digital asset management. What is the Randstorm Vulnerability? The Randstorm…
-
In a landmark operation in early 2023, the FBI, along with German and Dutch authorities, dismantled Hive, a prolific ransomware group. This collective had extorted over $100 million since June 2021, targeting a wide range of sectors. The FBI’s operation infiltrated Hive’s network over seven months, obtaining decryption keys for over 300 recent victims and…
-
The Common Vulnerability Scoring System (CVSS) serves as a standard for assessing the severity of computer system security vulnerabilities. Its latest iteration, CVSS version 4.0, was originally shown in a public preview on June 8, 2023, at the 35th Annual FIRST Conference in Montreal, and was officially launched in General Availability (GA) on November 1st,…
-
The phrase “deepfake”, an amalgamation of the words “deep learning” and “fake,” is defined as any method of synthetic media, images, or video, that is manipulated in order to create a piece of media that conveys a different message. Using machine learning algorithms, malicious actors compile images and sounds from various sources, creating hoax videos…
-
Cisco IOS XE Software, a critical component of many Cisco network devices, has recently been found to have vulnerabilities in its Web UI feature. These vulnerabilities, if exploited, can provide attackers with significant access and control over affected devices. The vulnerabilities are particularly concerning for systems where the web UI feature is activated in the…
-
The GPU.zip vulnerability, discovered by researchers from Carnegie Mellon Software and Societal Systems and detailed in their research paper titled “GPU.zip: On the Side-Channel Implications of Hardware-Based Graphical Data Compression,” jeopardizes the security of numerous graphics processing units (GPUs). This side-channel attack exploits an inherent weakness associated with graphical data compression in integrated GPUs (iGPUs).…
-
Ransomware is quickly becoming the largest cybersecurity threat, with major innovations in both technique and technology over the past few years creating a large and ever-persistent issue. With security researchers and cybersecurity professionals constantly repositioning to face off against new threats, ransomware gangs are forced to invent new problems that haven’t been previously solved, evolving…
-
Web 3.0, often referred to as the Semantic or Decentralized Web, has emerged over the past few years as a both an ideological and technological shift from the current state of the internet, referred to as Web 2.0. The new technology is defined by decentralized databases and distributed ledgers across nodes, reducing the risks in…
Netizen Blog and News 