In order to provide you the best services, DrGlenn regularly posts articles and new security concerns. Check back often!

Chromecast chaos – 2nd gen devices go belly-up as Google struggles to fix certificate issue
Has your old Chromecast suddenly developed a problem? You're not alone it seems. Many users of second-generation Chromecast and Chromecast Audio streaming devices have discovered that their beloved dongles have gone belly-up and are showing error messages such as: "Untrusted device: [name] couldn't be verified. This could be caused by outdated firmware." And what has the typical tech user learnt over the years if a piece of hardware isn't working properly? Why, do a factory reset of course! Woah! Stop right there - because Google is advising Chromecast owners to not make the mistake of thinking that performing a factory reset on their Chromecasts will fix the issue. Indeed, Google goes on to explain that if you perform a factory reset while trying to troubleshoot the issue with your...

Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Infects Over 6,000 Devices
Mar 11, 2025 | Ravie Lakshmanan | Network Security / Vulnerability. Unpatched TP-Link Archer routers have become the target of a new botnet campaign dubbed Ballista, according to new findings from the Cato CTRL team. "The botnet exploits a remote code execution (RCE) vulnerability in TP-Link Archer routers (CVE-2023-1389) to spread itself automatically over the Internet," security researchers Ofek Vardi and Matan Mittelman said in a technical report shared with The Hacker News. CVE-2023-1389 is a high-severity security flaw impacting TP-Link Archer AX-21 routers that could lead to command injection, which could then pave the way for remote code execution. The earliest evidence of active exploitation of the flaw dates back to April 2023, with unidentified threat actors using it to drop...

Victims of Cybercrime that create their own demise
One of the most successful actions that cyber threat actors have historically taken is in the use of “phishing” while misrepresenting themselves and convincing people to give up their logins, passwords and/or control of their device. The problem with this is that the users volunteer their information and therefore the breach can’t be prosecuted. AnyDesk is a known program that turns over control of their device(s) to the cybercriminals. While it’s used for many real uses, such as collaboration, tech support or even IT management, cyber criminals have accessed it for nefarious uses. The fact that users are voluntarily allowing cybercriminals access to their devices using a valid program such as AnyDesk changes the entire landscape of criminality. One could compare it to opening the...

The Critical Role of Encryption
Artificial Intelligence (AI) is transforming the digital landscape, powering applications that are smarter, faster, and more intuitive than ever before. From personalized recommendations to advanced automation, AI is reshaping how businesses interact with technology. However, with this immense potential comes an equally significant responsibility: ensuring the security of AI-powered applications. In an era where data breaches and cyber threats are increasingly sophisticated, protecting AI-driven systems is no longer optional—it’s imperative. This article explores the security challenges associated with AI-powered applications and outlines effective strategies for safeguarding these innovations. The Double-Edged Sword of AI in Application Security Imagine this scenario: A...

Silk Typhoon Shifts Tactics to Exploit Common IT Solutions
A new shift in tactics by the Chinese espionage group Silk Typhoon, also known as Hafnium, has been identified by security researchers. According to Microsoft Threat Intelligence, the group is increasingly exploiting common IT solutions, such as remote management tools and cloud applications, to gain initial access. While they have not been observed directly targeting Microsoft cloud services, they have leveraged unpatched applications to escalate privileges and infiltrate networks. Silk Typhoon, a well-resourced and technically adept state-sponsored threat actor, has one of the largest targeting footprints among Chinese espionage groups. They opportunistically exploit vulnerabilities in public-facing devices, quickly moving from vulnerability scanning to active exploitation....

Understanding the impact of cybersecurity products and services on cyber insurance claims – Sophos News
Cyber insurance claim values are an effective way to quantify the impact of cyberattacks on organizations. A higher claim value indicates that the victim experienced considerable financial and operational consequences from the attack, while a low claim value reflects limited disruption. Reducing the value of cyber insurance claims is to everyone’s advantage. For clients, lower claims demonstrate improved cyber resilience while insurers benefit from lower payouts. It also creates a virtuous circle: If insurers are spending less covering claims, they are able to drop premiums, delivering further advantage to clients. While there is broad consensus that stronger defenses reduce the financial and operational impacts of cyberattacks and the value of the resulting claims, no one has...

Fake job offers target coders with infostealers
A North Korea-aligned activity cluster tracked by ESET as DeceptiveDevelopment drains victims' crypto wallets and steals their login details from web browsers and password managers. (20 Feb 2025) ESET researchers have observed a malicious campaign where North Korea-aligned threat actors, posing as headhunters, target freelance software developers with info-stealing malware. The activities – named DeceptiveDevelopment and going back to at least November 2023 – involve spearphishing messages that are being distributed on job-hunting and freelancing sites and ask the targets to take a coding test, with the files necessary for the task usually hosted on private repositories such as GitHub. These files are laden with malware, however, which ultimately lets the attackers steal the victims'...

Security risk: Microsoft removes VSCode extensions | CSO Online
Researchers have found that two VSCode extensions are infected with malicious code. VZ_Art – Shutterstock.com. IT researchers Amit Assaraf and Itay Kruk recently discovered that two extensions for Visual Studio Code, “Material Theme – Free” and “Material Theme Icons – Free”, contain malicious code. According to reports, these extensions were very popular and were downloaded almost nine million times in total. According to a statement from a Microsoft employee, the tech company then not only removed the two extensions but also banned the developer from the Marketplace. Microsoft confirmed that the security analysis by the community had turned up several indications of malicious intent. Research by Microsoft's...

Trump 2.0 Brings Cuts to Cyber, Consumer Protections – Krebs on Security
One month into his second term, President Trump’s actions to shrink the government through mass layoffs, firings and withholding funds allocated by Congress have thrown federal cybersecurity and consumer protection programs into disarray. At the same time, agencies are battling an ongoing effort by the world’s richest man to wrest control over their networks and data. Image: Shutterstock. Greg Meland. The Trump administration has fired at least 130 employees at the federal government’s foremost cybersecurity body — the Cybersecurity and Infrastructure Security Agency (CISA). Those dismissals reportedly included CISA staff dedicated to securing U.S. elections, and fighting misinformation and foreign influence operations. Earlier this week, technologists with Elon Musk’s Department...

A crypto con exchange, and soaring ticket scams • Graham Cluley
From shadowy Bitcoin exchanges to Interpol’s most wanted, Alexander Vinnik was the alleged kingpin behind BTC-e, a $4bn crypto laundering empire. Learn more about him, and how he became a geopolitical pawn between the US, France, and Russia. Plus! Hear how concert-goers are being warned about a swathe of scams hitting stadiums and arenas around the world. All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault. PLUS! Don’t miss our featured interview with Cliff Crosland of Scanner.dev. Warning: This podcast may contain nuts, adult themes, and rude language. Hosts: Graham Cluley: @grahamcluley.com; Carole Theriault: @caroletheriault. Episode links: Sponsored...

Apple Drops iCloud’s Advanced Data Protection in the U.K. Amid Encryption Backdoor Demands
Feb 21, 2025 | Ravie Lakshmanan | Data Protection / Encryption. Apple is removing its Advanced Data Protection (ADP) feature for iCloud from the United Kingdom with immediate effect following government demands for backdoor access to encrypted user data. The development was first reported by Bloomberg. ADP for iCloud is an optional setting that ensures that users' trusted devices retain sole access to the encryption keys used to unlock data stored in its cloud. This includes iCloud Backup, Photos, Notes, Reminders, Safari Bookmarks, voice memos, and data associated with its own apps. "We are gravely disappointed that the protections provided by ADP will not be available to our customers in the UK given the continuing rise of data breaches and other threats to customer privacy," the...

Crypto Scams on the Rise
Crypto currencies are the promise of profit to the unsuspecting and scammers know that those that are vulnerable are willing to fall for their scams. Unregulated, crypto currencies are everywhere and threat actors are keen to dangle the dreams of fast profit to people that typically know little or nothing about this digital currency. It […] The post Crypto Scams on the Rise appeared first on Da Vinci Cybersecurity: Leading Cyber Security Services in South Africa.

Digital Personal Data Protection Act 2023 vs. GDPR
The General Data Protection Regulation (GDPR) stands as a gold standard for data protection laws globally, setting stringent benchmarks for privacy and data security. Recently, India joined the league of countries with robust data protection frameworks by enacting the Digital Personal Data Protection Act (DPDP) 2023. This legislation marks a significant step in India’s data protection journey, aiming to balance global compliance with the nation’s unique socioeconomic landscape. For organizations operating under both frameworks or navigating India’s new regime, understanding the similarities and differences between GDPR and DPDP is essential for compliance and strategic alignment. Let’s understand in detail. GDPR Vs. DPDP Act: Scope and Applicability Both the GDPR and DPDP Act...

Russian Hackers Target Microsoft 365 Accounts with Device Code Attacks
Multiple Russian nation-state actors are targeting sensitive Microsoft 365 accounts via device code authentication phishing, a new analysis by Volexity has revealed. The firm first observed this activity towards the end of January 2025, when the M365 account of one of its customers was successfully compromised in a highly targeted attack. The technique is more effective at successfully compromising accounts than most other spear-phishing campaigns, according to the researchers. In the campaign, the attackers impersonate individuals from government departments, including the US Department of State, and prominent research institutions. This is designed to socially engineer targets into providing a specific Microsoft device authentication code, allowing the attackers long-term access...

Turbocharge your network with our new 10-gigabit switch – Sophos News
With the explosion of cloud computing, video streaming, AI, and other data-hungry technologies, traditional gigabit Ethernet (GE) networks are struggling to keep up. Bottlenecks and latency issues are hampering application performance and the overall user experience. The newest addition to the Sophos Switch portfolio, CS1010-8FP, provides a cost-effective way to support the high-speed, low-latency requirements of modern networks and applications, such as: high-definition media streaming; large file content transfer, e.g., Computer-Aided Design (CAD), video editing; server-to-server and server-to-NAS data backups; communication with 10-gigabit servers; linking multiple 1-gigabit switches for improved performance; higher-speed LAN to reap the potential of high-speed internet, e.g., Fiber...

Data Leaks Happen Most Often In These States — Here’s Why
States are increasingly embracing data privacy regulation, and Kentucky, Rhode Island, and Tennessee are leading the charge. That has earned them high marks from security experts and landed them at the top of the list of states with the lowest rates of data breaches. These three states are effectively protecting data because of a dual approach of drafting smart data privacy legislation, and then enforcing those laws when appropriate, according to Anonta Khan, who is with DesignRush, the firm that conducted the state data privacy study. Conversely, South Dakota (which got the lowest safety score in the survey, 65.14 out of 100) and Alaska (66.50) rank at the bottom. "Some states, like Kentucky (the highest rated at 99.32) and Rhode Island (97.14), do a good job protecting data," Khan...

The SolarWinds $4.4 billion acquisition gives CISOs what they least want: Uncertainty
“Ten percent of the value is in the tool, and 90 percent is in the people and processes around the tool. Look at what the tools are out there and give it time. Then in six months, reassess,” Dickson said. For customers looking at near-term renewal issues, he said to renew, “but don’t go for any more than a one-year timeframe on your renewals” and focus on exit clauses. Then strategize on a 2-year to 4-year timeframe, he said. When asked for her thoughts on what the acquisition means for enterprise CISOs, Jess Burn, a principal analyst for security and risk at Forrester, was succinct: “Not a whole lot.” “The SolarWinds hack and resulting breaches gave CISOs two things to think about: Greater scrutiny of third and fourth parties in or connected to the enterprise, and personal...

Experts Flag Security, Privacy Risks in DeepSeek AI App – Krebs on Security
New mobile apps from the Chinese artificial intelligence (AI) company DeepSeek have remained among the top three “free” downloads for Apple and Google devices since their debut on Jan. 25, 2025. But experts caution that many of DeepSeek’s design choices — such as using hard-coded encryption keys, and sending unencrypted user and device data to Chinese companies — introduce a number of glaring security and privacy risks. Public interest in the DeepSeek AI chat apps swelled following widespread media reports that the upstart Chinese AI firm had managed to match the abilities of cutting-edge chatbots while using a fraction of the specialized computer chips that leading AI companies rely on. As of this writing, DeepSeek is the third most-downloaded “free” app on the Apple store, and...

Man Sentenced to 7 Years in Prison for Role in $50M Internet Scam
A California man has been sentenced to seven years in prison for his involvement in a fraudulent scheme that saw over 50 individuals and organisations lose millions of dollars. 59-year-old Allen Giltman, of Irvine, California, pleaded guilty to charges that he and his co-conspirators built a network of fraudulent websites impersonating legitimate financial institutions. According to a US Department of Justice (DOJ) press release, between 2012 and October 2020, Giltman and others created a series of at least 150 bogus websites that posed as real financial institutions. Websites like saddleriveradvisors[dot]net and sra-llc[dot]com were created to mimic the design, logos, and wording of a legitimate financial institution, Saddle River Advisors (saddleriveradvisors[dot]com). As the DOJ...

768 CVEs Exploited in 2024, Reflecting a 20% Increase from 639 in 2023
Feb 03, 2025 | Ravie Lakshmanan | Vulnerability / Network Security. As many as 768 vulnerabilities with designated CVE identifiers were reported as exploited in the wild in 2024, up from 639 CVEs in 2023, registering a 20% increase year-over-year. Describing 2024 as "another banner year for threat actors targeting the exploitation of vulnerabilities," VulnCheck said 23.6% of known exploited vulnerabilities (KEV) were known to be weaponized either on or before the day their CVEs were publicly disclosed. This marks a slight decrease from 2023's 26.8%, indicating that exploitation attempts can take place at any time in a vulnerability's lifecycle. "During 2024, 1% of the CVEs published were reported publicly as exploited in the wild," VulnCheck's Patrick Garrity said in a report shared...