WhatsApp Launches Proxy Tool to Fight Internet Censorship
Amid internet shutdowns in Iran, the encrypted messaging app is introducing proxy connections that can help people get online.
Security
Zoho urges fixing a critical SQL Injection flaw in ManageEngine
Zoho is warning its customers of a critical vulnerability, tracked as CVE-2022-47523, affecting multiple ManageEngine products. Zoho is urging its customers to address a critical SQL Injection vulnerability, tracked as CVE-2022-47523, that affects multiple ManageEngine products. “This security advisory is to let you know that a high severity vulnerability was detected in ManageEngine Password Manager […]
The post Zoho urges fixing a critical SQL Injection flaw in ManageEngine appeared first on Security Affairs.
Hundreds of WordPress Sites Infected By Recently Discovered Backdoor
Malware that exploits unpatched vulnerabilities in 30 different WordPress plugins has infected hundreds if not thousands of sites and may have been in active use for years, according to a writeup published last week. Ars Technica reports: The Linux-bas…
Meta violates GDPR with non-compliant targeted ad practices, earns $400 million in fines
Meta has violated GDPR with illegal personal data collection practices for targeted ads. Learn about this latest violation and Meta’s rocky GDPR history.
The post Meta violates GDPR with non-compliant targeted ad practices, earns $400 million in fines …
Database of the Cricketsocial.com platform left open online
CyberNews reported that Cricketsocial.com, a social platform for the cricket community, exposed private customer data and admin credentials. Cricketsocial.com, is a social platform developed for the cricket community online. CyberNews discovered that a database used by the platform was left open online, it contains a huge trove of data. The Social platform for the cricket […]
The post Database of the Cricketsocial.com platform left open online appeared first on Security Affairs.
Cops Hacked Thousands of Phones. Was It Legal?
When police infiltrated the EncroChat phone system in 2020, they hit an intelligence gold mine. But subsequent legal challenges have spread across Europe.
Machine-Learning Python package compromised in supply chain attack
A nightly build version of a machine-learning framework dependency has been compromised. The package ran malicious code on affected systems and stole data from unsuspecting users.
The post Machine-Learning Python package compromised in supply chain att…
Fortinet fixed multiple command injection bugs in FortiADC and FortiTester
Fortinet addressed multiple vulnerabilities impacting its products and warned of a high-severity command injection flaw in FortiADC. Cybersecurity vendor Fortinet addressed several vulnerabilities impacting its products. The compaby also warned customers of a high-severity command injection flaw, tracked as CVE-2022-39947 (CVSS score of 8.6), affecting the Application Delivery Controller FortiADC. The CVE-2022-39947 flaw is an […]
The post Fortinet fixed multiple command injection bugs in FortiADC and FortiTester appeared first on Security Affairs.
Police say they have smashed terror team in SE Iran
Commander of Sistan and Baluchestan Province Disciplinary Forces announced in a statement that the country’s security forces have managed to capture members of a terrorist team which had last week launched armed attacks against police patrols.
US. rail and locomotive company Wabtec hit with Lockbit ransomware
US. rail and locomotive company Wabtec Corporation disclosed a data breach after it was hit with Lockbit ransomware attack. Wabtec Corporation is an American company formed by the merger of the Westinghouse Air Brake Company (WABCO) and MotivePower Industries Corporation in 1999. It manufactures products for locomotives, freight cars and passenger transit vehicles, and builds new locomotives up to 6,000 horsepower. The company employs […]
The post US. rail and locomotive company Wabtec hit with Lockbit ransomware appeared first on Security Affairs.