Weaknesses in e-commerce portals are being exploited to deploy a Linux backdoor as well as a credit card skimmer that’s capable of stealing payment information from compromised websites. “The attacker started with automated e-commerce attack probes, testing for dozens of weaknesses in common online store platforms,” researchers from Sansec Threat Research said in an analysis. […]
Cybersecurity specialists report the detection of a critical vulnerability in Popular Posts, a plugin for the content management system (CMS) WordPress. According to the report, the successful exploitation of this flaw would allow threat actors to deploy multiple risk scenarios. Tracked as CVE-2021-42362, this flaw exists due to improper file validation during upload to ~/src/Image.php, […]
Authorities in the Indian state of Haryana have announced the arrest of two individuals accused of falsifying hundreds of birth and death certificates by hacking into various government websites. The local police’s Cybercrime Unit managed to identify the defendants, leading to their arrest. At the time of their arrest, the defendants were seized two laptops, […]
In December 2020, several U.S. states filed a lawsuit against Google for engaging in alleged anti-competitive practices in the field of digital advertising. One of the main arguments of the plaintiff states was that the tech giant deliberately limited unpublished ads on Accelerated Mobile Pages (AMP) and now, almost a year later, some details about […]
Cybersecurity specialists notified WordPress of the detection of two vulnerabilities in the popular Ninja Forms plugin. According to the report, successful exploitation of the flaws could allow malicious hackers to extract sensitive information and send phishing emails from compromised websites. The report, presented by Wordfence, mentions that the flaw in this plugin with more than […]
The Texas Republican Party is now asking for donations to secure its website from further attacks from Anonymous and “Pro-abortion activists.” The official website of the Texas Republican Party was hacked and defaced by the Anonymous hacktivist collective on Saturday the 12th. The group carried out the cyber attack to protest the new abortion law […]
Governments and regimes across the globe use censorship as a tool to control the flow of information. This article highlights how one can use VPN to access blocked websites. If your country censors the internet and blocks sites like Facebook, Twitter, or YouTube then a VPN is what you need. When a user visits a […]
Threat actors used Google Ads to buy top slots on Google search engine to advertise fake Brave browser websites which delivered malware as the browser’s download file. According to one of the Brave browser’s developers Jonathan Sampson, a fake Brave browser website was featured at the top of Google search results after threat actors exploited […]
British Art Collector Bought Fake Banksy NFT for £240,000 ($336,000) – Scammer Returned Stolen Funds Later. An art collector in the United Kingdom was scammed into spending more than £240,000 ($336,000) for NFT (non-fungible token) by an online scammer. Reportedly, the anonymous investor purchased the token after receiving notification of its sale by an unknown […]
The US government is also offering $10 million in rewards for information on foreign hackers involved in ransomware attacks on the United States. With the recent wave of ransomware attacks deeply impacting businesses across the United States, Washington has decided to take direct action. In the latest, it has announced rewards that go up to […]
Oregon Native Talon White was Charged for Offering Illegal Streaming of Copy-right Protected Content. Infamous Poker player Talon White has received 12 months of a prison sentence after being involved in the illegal streaming of thousands of copyright-protected TV shows and movies through his numerous subscription-based websites. SEE: Best legal, free online streaming sites for […]
Setting up your own website is easier than ever before. There are dozens of great platforms, but when it comes to building your website, it is of course a little more complex. There’s so much to consider when building your site, whether it be for eCommerce, a portfolio, a news site, a blog, or any […]
Besides Press TV; there are at least 6 additional regional websites that are currently displaying notices of seizure apparently uploaded by the US authorities. The official website of Press TV (Presstv.com), an Iranian state-owned news and documentary network has been allegedly seized by the FBI (Federal Bureau of Investigation), Hackread.com has learned. The development has […]
Cybersecurity specialists report the detection of a cross-site scripting (XSS) vulnerability in SEOPress, a popular WordPress plugin for search engine optimization (SEO), allowing webmasters to manage SEO metadata, social media cards, Google Ads settings and other useful features. Currently this plugin has more than 100 thousand active installations, so this report should be taken seriously. […]
Cybersecurity specialists reported the discovery of a severe flaw in the design of some middlebox models, a term referring to computer network devices that transform, inspect, filter and manipulate traffic for purposes other than packet forwarding. Some implementations of these devices include the use of firewalls, network address translators (NATs), and deep packet inspection (DPI) […]
Phishing remains one of the most common and dangerous criminal practices for users in general, and every day new and dangerous tools emerge to deploy this attack variant. On this occasion, the experts of the cybersecurity awareness course of the International Institute of Cyber Security (IICS) will show you the operation of Shark, a powerful […]
Cybersecurity specialists report remote code execution (RCE) vulnerability detection and privilege escalation on cPanel &WHM, the popular web hosting platform. According to the report, these flaws can be exploited through a known cross-site scripting (XSS) vulnerability, which would put some 170 thousand websites at risk. In the tests, the experts demonstrated the exploitation of the […]
Wordfence specialists discovered a critical vulnerability in Download Manager, one of the most popular WordPress plugins. Tracked as CVE-2021-34639, the flaws reside in the aforementioned plugin and could allow threat actors to execute arbitrary code under certain circumstances. To be precise, the flaw could allow authors and other users with the ability upload_files load files […]
This was a difficult weekend for those users looking for new options to browse the Internet. A security report points to the detection of a malicious campaign in which users were tricked into downloading the Brave browser from a fake ad that redirected them to a malicious website. The website used by the hackers is […]
Information gathering phase shows how an pentester should prepare for his next phases. Because in this phase pentester have to collect information about their target as much possible. Their are many automation tools which are used in gathering information. Today we will show an python script used in gathering information. Vxscan is an extensive scanning […]
A set of security flaws in ProfilePress, a popular WordPress plugin would allow threat actors to deploy remote code execution attacks. According to Wordfence experts, a total of four security flaws were detected that received a score of 9.8/10 on the Common Vulnerability Scoring System (CVSS) scale and their successful exploitation would allow hackers to […]