Patched on Qualcomm’s end, the flaw could allow attackers to access your call history and text messages and eavesdrop on your phone conversations, says Check Point Research. Android phone users may be susceptible to a security vulnerability that could compromise their devices. In a research report published Thursday, cyber threat intelligence provider Check Point Research revealed certain details on a flaw it identified in 2020 in Qualcomm mobile station modem (MSM) chips, including ones used…

The United States Department of Defense (DOD) has expanded its ethical hacking program to include more targets. DoD officials announced yesterday that the Department’s Vulnerability Disclosure Program will be broadened to include all publicly accessible DOD information systems. Bug hunters were first invited to engage with the DOD in 2016 when the initiative ‘Hack the Pentagon’ was launched. Through this initiative, the Defense Digital Service set up a bug bounty program to reward ethical hackers for identifying flaws…

Social media is a great place to connect with friends and family. Unfortunately, it is also a great place for misinformation to run rampant, and it is a virtual treasure chest for cybercriminals to steal personal information. Over 25 million Canadians own a social media account, and more than 80% of the Canadian population is expected to be on social media by 2025. Check out this roundup of common social media scams so you can…

Social media is a great place to connect with friends and family. Unfortunately, it is also a great place for misinformation to run rampant, and it is a virtual treasure chest for cybercriminals to steal personal information. Over 25 million Canadians own a social media account, and more than 80% of the Canadian population is expected to be on social media by 2025. Check out this roundup of common social media scams so you can…

Tripwire’s April 2021 Patch Priority Index (PPI) brings together important vulnerabilities from Google Chrome and Microsoft. First on the patch priority list this month are patches for insufficient input validation vulnerabilities in Google Chrome (Chromium). Exploits for these vulnerabilities have been recently added to the Metasploit Exploit Framework. These systems should be patched as soon as possible. Next on the patch priority list this month are patches for Microsoft Excel, Office, Word, and Outlook. These…

The US Defense Department and third-party military contractors are being advised to strengthen the security of their operational technology (OT) in the wake of security breaches, such as the SolarWinds supply chain attack. The guidance comes from the NSA, which this week has issued a cybersecurity advisory entitled “Stop Malicious Cyber Activity Against Connected Operational Technology” In its advisory, the NSA describes how organisations should evaluate the risks against OT – such as Industrial Control…

Financial services and insurance organizations experienced a 125% rise in exposure to mobile phishing attacks in 2020 compared to 2019, according to Lookout’s Financial Services Threat Report. The cloud security firm also found that malware and app risk exposure went up by more than 400% on average per quarter last year among the industry’s employees and customers. This was despite a 50% growth in mobile device management deployment during this period. This surge in exposure…