# Telegram’s Tug of War: IP Addresses and Legal Compliance In a significant policy shift, the widely-used messaging app Telegram announced it will disclose users’ IP addresses and phone numbers to authorities upon receiving valid legal requests. This move aims to curb criminal activities on the platform, reflecting a change in Telegram’s traditionally staunch privacy…
## Discord Introduces DAVE: Revolutionizing Secure Communication in Social Messaging In an age when online communication security is a top priority, popular social messaging platform Discord has taken a significant step forward by introducing a custom end-to-end encrypted (E2EE) protocol. Dubbed DAVE, short for Discord’s Audio and Video End-to-End Encryption (“E2EE A/V”), this new protocol…
Critical Security Flaw Discovered in Microchip Advanced Software Framework (ASF) In a significant development in the realm of cybersecurity, a critical vulnerability has been identified in the Microchip Advanced Software Framework (ASF). The flaw, cataloged as CVE-2024-7490, presents a severe risk as it could potentially lead to remote code execution if exploited successfully. With a…
North Korean Threat Actors Utilize Poisoned Python Packages to Deploy New PondRAT Malware In another alarming development in the realm of cybersecurity, threat actors with connections to North Korea have been detected using tainted Python packages as a medium to distribute a freshly emerged malware dubbed PondRAT. This new finding, revealed by Palo Alto Networks…
## Discord Introduces DAVE: Revolutionizing Secure Communication in Social Messaging In an age when online communication security is a top priority, popular social messaging platform Discord has taken a significant step forward by introducing a custom end-to-end encrypted (E2EE) protocol. Dubbed DAVE, short for Discord’s Audio and Video End-to-End Encryption (“E2EE A/V”), this new protocol…
Google Introduces New Password Manager PIN for Enhanced Security Across Devices In a bid to elevate user security, Google unveiled a notable upgrade to its Password Manager on Thursday. This new feature allows Chrome web users to sync their passkeys across various platforms, including Windows, macOS, Linux, ChromeOS, and Android devices. The latest enhancement promises…
# Ivanti’s Unplanned Tangle: Critical Security Flaw in CSA Actively Exploited ## Unveiling the Vulnerability In the ever-evolving battlefield of IT security, Ivanti has found itself on the front lines with a new critical vulnerability that has shaken its Cloud Service Appliance (CSA). This flaw, identified as CVE-2024-8963, has gained notoriety among cybersecurity circles due…
Service Accounts: The Silent Targets of Modern Cyber Attacks Until just a couple of years ago, only a handful of Identity and Access Management (IAM) professionals really understood what service accounts are. Fast forward to today, and these silent non-human identities (NHI) have become one of the most targeted and compromised attack surfaces in cybersecurity….
TeamTNT Cryptocurrency Miners Resurface with New Attacks on VPS Infrastructures In the ever-evolving landscape of cybersecurity threats, it appears that the infamous cryptojacking gang, TeamTNT, is back in action. After a period of relative inactivity, this nefarious group has resurfaced, setting its sights on Virtual Private Server (VPS) infrastructures, with a particular focus on systems…
Threat Actors Target Construction Sector through FOUNDATION Accounting Software The construction sector has come under siege from cybercriminals exploiting vulnerabilities in FOUNDATION Accounting Software. According to new findings from Huntress, an IT security firm specializing in threat detection and prevention, these attacks indicate a troubling trend toward increased targeting of essential industries using specialized software….