Browsing category
So far, 394 malicious apps have been identified that are spreading Anubis malware to steal financial and personal data from unsuspecting Android users. Security researchers at Lookout security firm have identified a notorious new mobile malware campaign disguised as an official Orange Telecom account management app from Orange S.A, a leading telecommunication service provider in France. Reportedly, […]
All a user required was to open Gumtree’s website and press the F12 button on Chrome or Firefox browsers to view users’ personal data. A UK-based classified site and used goods marketplace, Gumtree, exposed the home addresses of its users in its webpages source code. Gumtree is among the top 30 sites in Britain, and […]
Sennheiser left personal data of over 28,000 customers exposed on a misconfigured Amazon Web Services (AWS) server. According to a report from vpnMentor, the German audio equipment manufacturer, Sennheiser left an unsecured Amazon Web Services (AWS) server online. The server stored around 55GB of information on over 28,000 Sennheiser customers. AWS buckets are popular among […]
According to Grim Finance, it was an “advanced attack” in which hackers exploited a flaw in the vault contract. Grim Finance, a DeFi protocol, and Smart Yield Optimizer Platform has announced that the platform was hacked Saturday 18th in an “advanced attack” that allowed hackers to steal over $30 million worth of Fantom Tokens. In […]
Working from home (WFH) is not a piece of cake especially when cybercriminals exploited every possible vulnerability to break into your workstation. Cybercriminals are improving and refining their methods for preying on people’s anxieties about COVID-19. As a result, working from home has opened the door to new types of data theft. A lack of […]
Avast Threat Intelligence Team stated that it tried to notify the agency about the intrusion but didn’t receive any favorable response, which is why it decided to disclose its findings. Czech security firm Avast reported that a backdoor was identified in a US federal agency’s network, the United States Commission on International Religious Freedom (USCIRF). […]
The backdoors were detected during penetration testing by RedTeam Pentesting GmbH. On December 20th, it was reported that a backdoor was found in the network of a US Federal Agency. Now, RedTeam Pentesting researchers have identified multiple backdoors in a commonly used VoIP (voice over Internet protocol) appliance made by the German telecom hardware manufacturer […]
Last Friday, the highly anticipated film Spider-Man: No Way Home was released, and fans are desperate to find tickets, sold out since the pre-sale in various countries. This phenomenon has not gone unnoticed by cybercriminals, who quickly implemented a malicious campaign to deceive unsuspecting users. A report by security firm Kaspersky warns that a cybercriminal […]
Jason Sallman is a cryptocurrency investment advisor who enjoys considerable popularity on social media, primarily Instagram, where he has nearly 40,000 followers. Unfortunately, profiles like Sallman’s never go unnoticed by threat actors, who have found a new method of fraud using fake profiles of businessmen, celebrities and other public figures. According to a CNBC report, […]
Microsoft released Cumulative Update 11 (CU11) on September 28, 2021. It also released two new Security Updates for Exchange Server 2019 CU11 in October and November 2021, containing all previous hotfixes and patches to fix Exchange Server security and non-security issues. If your organization is running an older Exchange Server 2019 build, it is highly […]
After several days of uncertainty and confirmed attacks, the Apache Software Foundation has finally released an update to address CVE-2021-44228, the zero-day vulnerability that caused problems for thousands of online platforms using the Log4j log library. The vulnerability, also known as Log4Shell, can be exploited by forcing Java applications and servers to register a specific […]
As a preventive measure, Quebec, Canada, decided to shut down some 4,000 government websites due to the risk of exploitation of a critical vulnerability affecting a popular registration system. Éric Caire, minister of digital transformation of the region, mentions that this vulnerability would put online platforms in the education, health and public administration sectors at […]
The malware is dubbed CrypBot is essentially an information stealer that can obtain credentials for cryptocurrency wallets, browsers, credit cards, browser cookies, and capture screenshots from compromised devices. Cybersecurity solutions provider Red Canary revealed in its recent blog post that a malicious KMSPico installer is carrying malware that can steal user information from cryptocurrency wallets, […]
Dubbed Nickel by Microsoft; the group of Chinese hackers was actively using the websites for intelligence gathering from thanks tanks, human rights organizations, and government agencies in 29 countries. The Microsoft Digital Crimes Unit disrupted the activities of a hacking group based in China after a federal court allowed the company to seize the websites […]
Amazon Web Service (AWS) is suffering a major service outage that is affecting popular platforms in regions where the company provides services. The cloud service and hosting provider Amazon Web Service (AWS) is going through a service outage affecting popular platforms such as Netflix, Roku, Disney Plus, gaming platforms including PUBG, Valorant, and League of […]
Google has also filed a lawsuit against the alleged Russian threat actors and operators of Glupteba Botnet. On December 07th, 2021, Google revealed that it disrupted the Command and Control infrastructure of the Glupteba blockchain botnet targeting Windows devices. The company has now filed a lawsuit against the botnet’s Russian operators. What is Glupteba? Glupteba […]
If exploited, an unauthenticated, remote attacker can execute code as a “nobody user” in the device meaning attacker would get root access and gain full control of the device. SonicWall, a renowned network security vendor is urging users to immediately update their SMA 100 [PDF] series devices with the latest version after detecting multiple security […]
The Unit’s boss Gen. Paul Nakasone said that the US military computer operatives are ready to target ransomware gangs and state actors, whoever poses a threat to critical US infrastructure. The US military’s hacking division called Cyber Command is taking aggressive steps to fight cybercrime gangs targeting American organizations with ransomware. According to the unit’s […]
Kali Linux 2021.4 comes with several improved features, including Samba compatibility, better Apple M1 support, switching package manager mirrors – Download Kali Linux 2021.4 now. Offensive Security has finally released Kali Linux 2021.4. The release has been grabbing headlines for the array of new capabilities and tools embedded with. Here’s a look at what’s included […]
Apache has released Log4j version 2.15.0 to address the critical RCE vulnerability and users are urged to apply the update immediately. The Apache Foundation’s Log4j is a widely used open-source tool by enterprise apps and cloud services. The bad news is that a security vulnerability has been identified in this tool, reported by Alibaba Cloud […]
In a growing trend, football teams around the world are looking to make millions of dollars through the sale of crypto “fan tokens”. A recent research notes that, in Europe alone, fans have spent some $350 million USD on these virtual files related to their beloved football clubs. Although these tokens have allowed fans to […]