-
Vulnerability in Dahua IP cameras allows you to take full control over the device
Details have been released about a vulnerability in the Dahua Open Network Video Interface Forum (ONVIF) standard implementation that could lead to IP cameras being taken over. ONVIF governs the development and use of an open standard for how CCTV cameras and IP-based access control systems can interoperate with each other regardless of vendor.Issue CVE-2022-30563 (CVSS Score: 7.4) fixed on June 28 affects the following products:Dahua ASI7XXX: Versions up to v1.000.0000009.0.R.220620;Dahua IPC-HDBW2XXX: Versions up to v2.820.0000000.48.R.220614;Dahua IPC-HX2XXX: Versions prior to v2.820.0000000.48.R.220614.The vulnerability discovered by Nozomi Networks is related to the "WS-UsernameToken" authentication mechanism in some...
-
Free coffee and donut in exchange for constant surveillance
Fast food chain Tim Hortons has agreed to settle several class-action lawsuits that accuse the company of tracking the location of customers through its app without their consent. Under the proposed agreement, which requires a judge's approval, spyed customers in Canada will receive a free hot drink and baked goods. In other words, in exchange for customer location data, the company will give them coffee and a donut.Notably, Tim Hortons promised to remove all customer location data between April 1, 2019 and September 30, 2020, and has asked Radar Labs, a data collection service provider,...
-
Amsterdam wants to abandon its reputation as a "city of sex and drugs"
In the year before the pandemic, Amsterdam, which received 22 million visitors, was suffering from overtourism, and in particular from tourists who came to the city of "free morals" - "for sex and drugs."Femke Halsema, mayor of the city, said there must be a plan to shed the city's reputation for "sex and drugs".It is planned to solve the problem of excessive high cost of the capital. It is also necessary to protect citizens, especially those living in the city center, who, due to the enormous tourist flow, feel like strangers.If we talk about the...
-
Detected critical Confluence vulnerability is actively used in the wild
A week after the fixes for a critical vulnerability in Confluence that occurs after installing the Questions For Confluence application, hackers began to actively exploit the gap in the wild. This is a vulnerability CVE-2022-26138 associated with a hard-coded password for a user account named disabledsystemuser.As soon as the hard-coded username and password were published on Twitter, the attackers immediately began to try to use them for their own purposes. For experts, this came as no surprise, since Confluence is a tasty morsel for hackers who use its vulnerabilities to carry out ransomware attacks.Experts note...
-
Individuals who use more marijuana drive better than their less frequent peers
A group of researchers from the Anschutz Center at the University of Colorado, with the support of their colleagues at the University of Iowa, have published an interesting paper that claims that heavy cannabis users not only drive as well as their teetotaler peers, but that they are better at this task than people who are only occasionally intoxicated from marijuana.The experiment, reinforcing the judgments of the study, involved 85 volunteers, aged 25 to 45 years. Of the sample of volunteers, 30 people reported that they did not use cannabis, 24 reported that they used...
-
How to hide your IP address and personal data from all-seeing algorithms?
The Internet gives us many opportunities, but it also brings new risks and threats. One of the most notable is the threat to our privacy. Some users find that the built-in browser features and antiviruses provide sufficient protection against web snooping, but this, of course, is not enough.There are four most common methods that websites and apps use to track users:Tracking by IP address. By obtaining information about the user's IP address, websites and hackers can find out your location, detailed information about the devices connected to your network, and much more.Gathering information through permissions...
-
British architecture firm hit by ransomware attack
The Sheppard Robson IT team noticed unusual activity on their network on July 24 and publicly reported the incident on August 5. The company said it immediately took action to mitigate the damage caused by the attack by shutting down all systems and servers that were still running. Currently, access to the servers of the architectural bureau has been restored.Founded in 1938, Sheppard Robson has nearly 400 employees and is one of the largest architecture firms in the UK.“We take cybersecurity very seriously and have government-approved security practices and certifications. However, despite all the security...
-
Samsung Galaxy users are protected from spying
Samsung has officially declared that all Galaxy series devices are protected from downloading Pegasus spyware. Dr. Seungwon Shin, head and vice president of Samsung's security division, said that in order to protect against zero-click attacks and stealthy downloads of spyware, Samsung builds Knox Vault security systems into the hardware of Galaxy devices, which combines a secure processor with a memory chip designed to protect sensitive information from other device operations.If any security threat is detected, the device allows you to disable the Samsung Pay and Samsung Pass apps, blocking access to PINs, passwords, biometrics, digital...
-
How drug addicts get money for drugs?
Don't believe a drug addict who says he gets money for drugs honestly. People who honestly earn enough money to use drugs regularly simply do not have the opportunity to "get high" because of their business workload. On the other hand, when a person uses drugs regularly, after a more or less short time, he has to quit his job. Why? Drugs do not leave her for a second. It takes too long just to get them. If a person is very rich, he may not care about finding drugs. But another danger awaits him....
-
One organization was attacked by 3 groups at once
The joint campaign used all possible methods of hacking and the triple encryption method.According to a report from the information security company Sophos, 3 groups attacked one organization at once - Hive, LockBit and BlackCat, using cryptominers, remote access trojans (RAT) and bots.Three ransomware gangs attacked the same network in succession and left a ransom note. Some files were subject to triple encryption. The researchers did not specify the name of the attacked organization.A sequence of attacks a few days or weeks apart suggests that the attackers compromised the network using the same vulnerability. According...