FrodoPIR (Private Information Retrieval) is a privacy-focused database querying system that allows users to query a database without revealing which records they are interested in. This is accomplished using techniques from cryptography and information theory. In traditional database querying systems, the client sends a query to the server that stores the database, specifying which records they are interested in. The server then responds by sending the requested data back to the client. However, this process reveals to the server which records the client is interested in, potentially exposing ..read more

In November 2021, a threat actor in the Iranian geopolitical network was discovered to have deployed two new targeted malware with “simple” backdoor functionality as part of an incursion into an unnamed government body in the Middle East. Cybersecurity firm Mandiant attributed the attack to an uncategorized cluster it tracks as UNC3313, which it rates with “moderate certainty” associated with state-sponsored group MuddyWater. “UNC3313 monitors and collects strategic information to support Iranian interests and decision-making,” said researchers Ryan Tomczyk, Emiel Hegebarth and Tufail Ahmed ..read more

An investigation of the clickless attack surface for the popular Zoom video conferencing solution revealed two Zero-Day Bugs (previously unknown security vulnerabilities) that could be exploited to crash the service, execute malicious code, and even leak arbitrary areas of its memory. Natalie Silvanovich of Google Project Zero, who discovered and reported the two flaws last year, said the issues affect both Zoom clients and Media Router (MMR) servers that relay audio and video content between clients on on-premises deployments. The flaws have since been fixed by Zoom as part of updates release ..read more

The Ukrainian government on Sunday formally accused Russia of orchestrating the attacks on the websites of state institutions and government agencies last week. “All evidence points to Russia being behind the cyberattack,” the Digital Transformation Department said in a statement. “Moscow continues to wage a hybrid war and is actively building up its forces in the information and cyberspace.” The purpose of the attack, the ministry said, was “not only to intimidate the public,” but also “to destabilize the situation in Ukraine by shutting down the public sector and undermining Ukrainians’ conf ..read more

This New Apple Safari Browser bug introduced in the implementation of the IndexedDB API in Apple Safari 15 could be used by a malicious website to track a user’s online activity in a web browser and, worse, even reveal their identity. The vulnerability, dubbed IndexedDB Leaks, was discovered by anti-fraud software company FingerprintJS, which reported the issue to the iPhone manufacturer on November 28, 2021. IndexedDB is a low-level JavaScript application programming interface (API) provided by web browsers for managing a NoSQL database with structured data objects such as files and blobs. “L ..read more

A Russian court fined Google nearly $ 100 million for allegedly “systematically refusing the company to remove prohibited content” after finding it guilty of repeated violations of Russian law. The Tagansky District Court ordered Google to pay an administrative fine of about 7.2 billion rubles (roughly $ 98.4 million) or about 8% of the search giant’s annual revenue in Russia. “In the case of an administrative offense under Part 5 of Article 13.41 of the Administrative Offenses Code, <…> LLC“ Google ”was found guilty … A punishment was imposed in the form of an administrative fine in the ..read more

Romanian cybersecurity technology company Bitdefender said Monday that attempts are being made to attack Windows computers with a new ransomware family called Khonsari Ransomware, as well as the Orcus remote access Trojan, using the recently discovered critical Log4j vulnerability. The attack exploits a remote code execution vulnerability to download an additional payload, a .NET binary, from a remote server that encrypts all .khonsari files and displays a ransom request that prompts victims to make a payment in bitcoin in exchange for regaining access to the files. The vulnerability is track ..read more

According to several reports from Reuters and the Washington Post, Apple has told several U.S. Embassy and State Department officials that their iPhone may have been targeted by an unknown attacker using state-sponsored spyware created by the controversial Israeli company NSO Group – Pegasus Spyware. At least 11 U.S. Embassy officials stationed in Uganda or dealing with issues about the country have reportedly opted to use iPhones registered to their phone numbers overseas, although the identity of the threat behind the intrusions or the nature of the information requested remains unknown. The ..read more

Computer technology has always been touted as a valuable asset in the modern world, so much so that it is said that the next world war may be based on cyberwar. In support of this prediction, there have been reports that several governments around the world are illegally tracking down prominent politicians and journalists using malware from the Israeli NSO group Pegasus. What is Pegasus Spyware? Named after the mythical creature, Pegasus spyware – a program used to remotely monitor a target – was created by NSO Group Technologies, based near Tel Aviv. Historically, Pegasus has played an import ..read more

Innovation and technology multiply by leaps and bounds, every day we are faced with new features or programs in the digital world. But every coin has two sides, technological advances not only lead to development and improvement but also involve the threat of cybercrime. We collect a ton of news related to data breaches and malicious hacker attacks. Day by day, the fashion for cryptocurrencies is growing rapidly, everyone wants to invest and make billions of gross profits in the cryptocurrency market, the risk is high, but the profit is much higher than the risk. This is a good way to make mon ..read more