Blogs
Stay informed with CyberLabs’ expert-written blogs featuring the latest cybersecurity insights, practical tips, and deep dives into emerging threats and technologies.
New Emerging ransomware: RORSCHACH
6 Apr 2023
One of the fastest-encrypting ransomware strains, known as “Rorschach,” has been identified by security experts. It has also demonstrated sophisticated evasion skills in attacks across the globe. The ransomware was swiftly identified as an especially effective and seemingly unrelated strain after it was discovered during an attack on the Windows environment of an undisclosed US-based […]
Read More
Crown Resorts hacked, ransom demanded
30 Mar 2023
Crown representatives have admitted to falling victim to the Fortra GoAnywhere ransomware attack. An error in the GoAnywhere network was recently discovered by the ransomware organization Clop, which cybersecurity experts have since labeled a “zero-day” vulnerability. Due to a bug, Clop was able to sneak into GoAnywhere and steal info. More than 130 businesses’ data […]
Read More
TikTok Bans from Uk government devices
23 Mar 2023
With immediate effect, the United Kingdom will prohibit TikTok from being used on any government-owned smartphones, joining other Western nations that have already done the same because to security concerns. “The security of sensitive government information must come first, so today we are banning this app on government devices. The use of other data-extracting apps […]
Read More
Shein’s Android app breached clipboard privacy.
16 Mar 2023
According to a blog post by Microsoft Threat Intelligence, the Shein shopping platform app owned by a Chinese company was found to be accessing user clipboards on Android devices. “Microsoft discovered that an old version of the SHEIN Android application periodically read the contents of the Android device clipboard and, if a particular pattern was […]
Read More
LastPass breach caused by engineer’s outdated Plex software.
9 Mar 2023
The LastPass breach was brought on by an engineer who neglected to update Plex on his personal computer. The LastPass recently revealed a “second attack,” in which a threat actor combined information obtained from a third-party data breach with information obtained from the August security breach. Then, to target the company, the attackers used a […]
Read More
LastPass Reveals more details on the breach
2 Mar 2023
Threat actors obtained user information and partially encrypted password vault data, according to a compromise that LastPass announced in December. The organization has now revealed how the threat actors carried out this attack, claiming that they did so by using a senior DevOps engineer’s PC to install a keylogger using information obtained from two data […]
Read More
What to do after Twitter eliminates SMS 2FA for non-Blue users?
23 Feb 2023
On 15th Feburary 2022, Twitter on a blog post said “Phone-number based 2FA be used – and abused – by bad actors. So starting today, we will no longer allow accounts to enroll in the text message/SMS method of 2FA unless they are Twitter Blue subscribers. The availability of text message 2FA for Twitter Blue […]
Read More
Pepsi Bottling Ventures suffers data breach
16 Feb 2023
The largest privately owned bottler of Pepsi-Cola products in the United States, Pepsi Bottling Ventures, claims a malware attack resulted in the stealing of personal data from its computers. The corporation began issuing notification letters to an undetermined number of people on February 10 to let them know that a month-long data breach may have […]
Read More
New Russian info-stealer attacks target Ukraine.
9 Feb 2023
Security experts have seen a Russian hacking organization, which was responsible for the catastrophic WhisperGate virus intrusions, directing a new information-stealing malware at Ukrainian targets. This campaign has been traced to TA471 (also known as UAC-0056), a cyberthreat actor with ties to Russia that has been active since early 2021, as per the report by […]
Read More
Users of GitHub Desktop and Atom must take action
2 Feb 2023
Unidentified attackers reportedly gained access to certain of GitHub’s development and release planning repositories and stole encrypted code-signing certificates for the company’s Desktop and Atom applications. “On December 7, 2022, GitHub detected unauthorized access to a set of repositories used in the planning and development of GitHub Desktop and Atom. After a thorough investigation, we […]
Read More
€5.5 million fined on WhatsApp
24 Jan 2023
Meta’s WhatsApp has been fined by Irish Data Protection Commission (DPC) for violating the General Data Protection Regulation (GDPR). On 19th January 2023 thee Data Protection Commission (“DPC”) of Irish released the following statement. “The Data Protection Commission (“DPC”) has today announced the conclusion of an inquiry into the processing carried out by WhatsApp Ireland […]
Read More
$5.4 million fined on TikTok
17 Jan 2023
TikTok UK and TikTok Ireland have been fined €5,000,000 (Around $5.4 Million) by France’s data protection regulator (CNIL). The fine is for making it impossible for platform users to reject cookies and for failing to adequately explain their function. “Users of ‘tiktok[.]com’ could not refuse cookies as easily as accepting them. They were not informed […]
Read More