Payment API Flaws Exposed Millions of Users’ Data

  Researchers discovered API security flaws impacting several apps, potentially exposing the personal and financial information of millions of consumers.  According to CloudSEK, around 250 of the 13,000 apps published to its BeVigil “security search engine” for mobile applications utilize the Razorpay API to conduct financial transactions.  Unfortunately, it was discovered that about 5% of […]

Continue Reading

Links Detected Between MSHTML Zero-Day Attacks and Ransomware Operations

  The exploitation of a recently fixed Windows zero-day vulnerability was attributed to known ransomware operators, according to Microsoft and threat intelligence firm RiskIQ. The existence of the zero-day, called CVE-2021-40444, was revealed on September 7, when Microsoft released countermeasures and cautioned that the vulnerability had been exploited in targeted attacks using specially designed Office […]

Continue Reading

German Election Authority Confirms Probable Cyber Attack

  Suspected hackers momentarily impacted the website of the authority managing Germany’s September 26 federal election, a spokesperson for the agency told AFP on Wednesday.  The news was originally reported by Business Insider, and it comes as German federal prosecutors investigate suspected cyber assaults on legislators during the election campaign for a new parliament and […]

Continue Reading

Republican Governors Association Targeted in Microsoft Exchange Server Attacks

  The Republican Governors Association was one of many U.S. organizations attacked in March when a nation-state group exploited vulnerabilities in Microsoft Exchange email servers, according to a breach notification letter filed with the Maine attorney general’s office this week.   For companies worldwide, the situation became a cause of concern; nearly 500 persons linked with […]

Continue Reading