Wednesday, April 2, 2025

Tech News, analysis, updates, comments, reviews

Salesforce Flaw Allows Full Account Takeover

A critical vulnerability has been discovered in Salesforce applications, which could potentially lead to a full account takeover. The flaw was identified during a penetration test and is tied to misconfigurations within Salesforce Communities, specifically within the Salesforce Lightning component framework. This vulnerability exposes organizations using Salesforce to significant risks, such as unauthorized data access, data manipulation, and potential breaches of high-privilege accounts. The vulnerability targets “Guest Users,” who, under certain misconfiguration scenarios, could bypass access restrictions and gain unauthorized privileges. The exploit works by attackers mapping the Salesforce instance and identifying vulnerable endpoints. Once access is gained, attackers can use standard controllers, such as “getItems” and...

Concerns about the ICT Bill 2024 in Kenya

THis post has been updated after the attention it is gannering. The original post can be found here: https://web.archive.org/web/20240813033032/https://blog.blancorpsolutions.com/kenya/concerns-about-the-ict-bill-2024-in-kenya/ Kenya's tech industry has been a beacon of innovation and growth, thanks in part to a regulatory environment that has allowed startups and innovators to thrive. This is evident from the multitude of tech companies heading over to Kenya and the increasing number of tech offerings originating from Kenya. As usual, there are always prospects to advance, regulate and maintain order in any field, especially if it gains much momentum. There are case studies on this globally for anyone to check, the most prominent one being the EU laws...

Enjoy exclusive access to our content

Get an online subscription and you can unlock any article you come across, getting instant emails when our site updates, too.

Latest hack to test Biden’s vow for consequences for Russia

WASHINGTON (AP) — President Joe Biden said he would “deliver” a message to Russian President Vladimir Putin about the latest ransomware attacks targeting American...

Client-side web security

To address attacks such as XSS, Magecart and other card skimming exploits found in modern eCommerce environments, the use of client-side web security methods is beginning to emerge as a particularly useful practice. Obviously, enterprise teams should integrate client-side protections...

Bootstrap, a UI framework used by 20% of internet sites, is...

A web framework used by a fifth of all internet websites plans to drop support for Internet Explorer 10 and 11. The move is scheduled for Bootstrap v5, set to be released later this year.

Huawei pens deal with African Telecommunications Union

The African Telecommunications Union (ATU) has signed a Memorandum of Understanding (MoU) with tech giant Huawei that will see African countries and organizations build capacity for ICT transformation.

The Role of Employee Training in Cybersecurity Risk Management

As #cybersecurity threats continue to evolve, employee awareness and training have become critical components of any organization's cybersecurity risk management strategy. In most cases, employees are the weakest link in an organization's cybersecurity defenses, often unwittingly exposing the organization to cyber threats...

A list of reliable password managers

This list is in no particular order. Dashlane https://www.dashlane.com/plans LastPass https://www.lastpass.com NordPass https://nordpass.com/plans/ 1Password https://1password.com/ LogMeOnce https://www.logmeonce.com/ Bitwarden https://bitwarden.com/

Enjoy exclusive access to our content

Get an online subscription and you can unlock any article you come across, getting instant emails when our site updates, too.

Worldwide news every day

Leave a minimal digital footprint

Your digital footprint paints a picture of who you are. Every day, whether we want to or not, most of us contribute to a growing...

How Kenyans (and the world) are falling for a Bitcoin Scam

Bitcoin scams seem to gain track in Kenya and globally overall. Here, Blancos explains how these scams operate, and how to really identify...

Ransomware: Now and The Future

Ransomware has staked its claim as a major element of the cybercriminal ecosystem. As one of the most potentially damaging and costly types of...

Attack Lifecycle story – part 1

I was recently explaining to a group of colleagues how a hacker gains access to a system. Then it hit me; most people are...

Read more

Get involved

Unveiled: How xHelper Android Malware Re-Installs Even After Factory Reset

xHelper- A mysterious piece of Android malware that re-installs itself on infected devices even after users delete it or factory reset their devices—making it nearly impossible to remove. xHelper reportedly infected over 45,000 devices last year, and since then, cybersecurity researchers have been trying to unfold how the malware survives factory reset [...]

Become part of the community

Amazon took data from its own sellers to develop competing products

Amazon.com Inc. AMZN, +1.64% employees have used data about independent sellers on the company’s platform to develop competing products, a practice at odds with the company’s stated policies. The online retailing giant has long asserted, including to Congress, that when it makes and sells its own products, it doesn’t use information it collects from the [...]

Microsoft: Here’s how we’re trying to manage increased cloud demand

Microsoft prioritized the needs of first responders, healthcare workers, and others on the front line, as they've noted previously. And they've throttled some less-essential services to try to keep things humming. On April 23, officials...

Launching Oracle’s COVID-19 Therapeutic app: The back story

By Tony Baer (dbInsight) for Big on Data | April 10, 2020 -- 12:00 GMT (13:00 BST) | Topic: Coronavirus: Business and technology in a pandemic The input screen that patients see when using Oracle's COVID-19 therapeutic app   Source: Oracle Among the many mysteries of the coronavirus is finding out which medications and therapies [...]

On-Premises vs. Cloud Security

As usual, we begin by championing cybersecurity. It stands as the foremost concern for organizations striving to safeguard their sensitive data and digital assets. Among the many strategies available, two dominant paradigms have emerged: on-premises security and cloud security....
spot_img

Create a website from scratch

With our Website Development Service you can be up and running in no time and get yourself or your business visible to millions of potential clients online!

Court Explains About Claim To Let Government Listen To Citizens’ Phones

The Judiciary came out to disprove a news report by Standard carried on the daily's Sunday edition that claimed that in a ruling by the Court of Appeal, the government had been given the go-ahead to tap and listen to private calls

How Kenya’s new personal data protection law could affect researchers

The risk of infringing on privacy is growing by the day given the increased frequency and granularity of the data being collected, and advances in the technology for processing them. This has, inevitably, led to the need for laws to secure personal data privacy. Researchers and research data are not exempt: advances in big data [...]

WhatsApp extends deadline for new privacy policy after people fled

WhatsApp on Friday announced that it will be extending the deadline of its confusing policy implementation by three months. The widely criticised policy required that its two billion users must either accept its updated terms and conditions by February...

What are the real intentions of tracking IMEI numbers?

Imagine if you had a magic map that could show you where all your favorite toys were at any time. Sounds pretty? Well, in Kenya, the government wants to do something similar, but with people’s phones. They plan to...

A Rant: Stripping Privacy in This Era

The world has a privacy problem. Everything connected to the Internet (which is almost everything today), is for the taking. Looking around an average person's daily routine, it exposes the enlarging attack surface with each device we purchase, each...

How to Effectively Detect and Respond to a Data Breach

Prevention is key, so be sure to take steps to prevent breaches from occurring in the first place by implementing strong security measures and regularly monitoring your systems for potential threats

Australia: Unprecedented surveillance bill rushed through parliament in 24 hours.

Australian police can now hack your device, collect or delete your data, take over your social media accounts - all without a judge's warrant. The Australian government has been moving towards a surveillance state for some years already. Now they are putting the nail in the coffin with an unprecedented surveillance bill that allows the [...]

Leave a minimal digital footprint

Your digital footprint paints a picture of who you are. Every day, whether we want to or not, most of us contribute to a growing portrait of who we are online; a portrait that is probably more public than we...
spot_img

Create a website from scratch

With our Website Development Service you can be up and running in no time and get yourself or your business visible to millions of potential clients online!

Cryptojackers and hackers

What qualifies as nightmare news for many cryptocurrency owners—prices of most major tokens taking another dive into the gutter—seems to not be that big a problem for cybercriminals who hijack hardware resources to mine it on someone else’s dime. The...

Amazon is finally getting serious about crypto and hopes to bring it to customers ‘as soon as possible,’ as it looks to hire a...

Amazon is finally getting serious about crypto technologies like bitcoin, a move that pushes the e-commerce giant into the burgeoning yet wildly volatile digital-currency space.