Pro-India hackers use Android spyware to spy on Pakistani military

This week a report has revealed details on two Android spyware strains leveraged by state-sponsored threat actors during the India-Pakistan conflict. The malware strains named Hornbill and SunBird have been delivered as fake Android apps (APKs) by the Confucius advanced persistent threat group (APT), a pro-India state-sponsored operation known to spy on Pakistani and South … Continue reading Pro-India hackers use Android spyware to spy on Pakistani military

Windows 10 bug causes a BSOD crash when opening a certain path

A bug in Windows 10 causes the operating system to crash with a Blue Screen of Death simply by opening a certain path in a browser's address bar or using other Windows commands. Last week, BleepingComputer learned of two bugs disclosed on Twitter by a Windows security researcher that can be abused by attackers in … Continue reading Windows 10 bug causes a BSOD crash when opening a certain path

Top 5 Need to Know Coding Defects for DevSecOps

Integrating static analysis into the development cycle can prevent coding defects and deliver secure software faster. Security practitioners are accustomed to intervening at the end of the software development process to identify security vulnerabilities, many of which could have been prevented with earlier intervention. To address this problem, developers who are already under pressure to … Continue reading Top 5 Need to Know Coding Defects for DevSecOps

Malicious or Vulnerable Docker Images Widespread, Firm Says

A dynamic analysis of the publicly available images on Docker Hub found that 51% had critical vulnerabilities and about 6,500 of the 4 million latest images could be considered malicious. More than half of the latest images available on Docker Hub have critical vulnerabilities from outdated software, while thousands of images are attack tools or … Continue reading Malicious or Vulnerable Docker Images Widespread, Firm Says

Google discloses a zero-click Wi-Fi exploit to hack iPhone devices

Google Project Zero expert Ian Beer on Tuesday disclosed a critical “wormable” iOS flaw that could have allowed to hack iPhone devices. Google Project Zero white-hat hacker Ian Beer has disclosed technical details of a critical “wormable” iOS bug that could have allowed a remote attacker to take over any device in the vicinity over … Continue reading Google discloses a zero-click Wi-Fi exploit to hack iPhone devices