Browsing tag
On the Google Play Store, the cybersecurity analysts at Dr.Web have recently witnessed a major tip in trojan infiltration. Not only that even they have also detected one application that has more than 500,000 installs and steals users’ data from the notifications. The threat actors use these malicious applications that belong to a family of […]
QNAP, the maker of network-attached storage (NAS) appliances, has recently released a warning statement that its products might be vulnerable to recent Linux vulnerabilities that could be exploited to gain access to the affected systems. The vulnerability has been tracked as CVE-2022-0847, and this security flaw is a high severity flaw. Due to this critical […]
While malware distributors may have a harder time getting their malicious apps through Google’s automatic scanning and flagging system, but, SharkBot shows that they can easily bypass the company’s security barriers and even human or manual verifications. Although the app was unpopular, its presence in Google Play Store shows that nobody but the distribution platform […]
Cisco recently released a patch for a new generation of exploits that target some of its recently shipped products (Expressway Series and Cisco TelePresence Video Communication Server (VCS)). This security flaw leaves these devices susceptible to attacks, leaving them open to widespread vulnerabilities that Cisco promptly addressed by releasing the patch. On successful exploitation of […]
Several spyware campaigns have been discovered recently by the security researchers at Kaspersky Labs in which the industrial enterprises were targeted by the threat actors to steal corporate credentials and resell them. To evade detection, the threat actors use different types of spyware tools and deploy them for a very restricted time interval, as doing […]
The TDS (Traffic Direction System) of the Prometheus hacker group has been analyzed recently by the cybersecurity researcher of BlackBerry. During their investigation, they detected that there is a correlation with a leaked Cobalt Strike SSL key pair, and several other malware families as well. And not only that even they have also reported that […]
Since society depends on technology more and more, cybersecurity concerns increase as well. The digital world requires good security measures for businesses and organizations to not lose money and reputation. The United Kingdom ranks fifth for levels of cybersecurity preparation worldwide. However, it still faces numerous struggles. As for 2021, four in ten businesses and […]
Dynamic-link library (DLL) side-loading is an increasingly popular cyberattack method that takes advantage of how Microsoft Windows applications handle DLL files. In such attacks, malware places a spoofed malicious DLL file in a Windows’ WinSxS directory so that the operating system loads it instead of the legitimate file. What is DLL side-loading Attack? Generally in […]
Oscorp, a new Android malware stealing funds from the victims’ home banking service, by combining the usage of phishing kits and vishing calls. This new version of Oscorp malware was detected by Cleafy systems. According to the report, the geographical distribution of banks and other apps targeted by Oscorp includes Spain, Poland, Germany, Turkey, the […]
Earlier this year Microsoft announced Windows 11, and Microsoft hasn’t published this new operating system publicly. But, a few weeks ago Windows 11 was unofficially leaked before Microsoft released it to Windows Insiders. In short, the announcement of the new OS of Microsoft, Windows 11 has created a big hype on the internet world. And […]
Cybersecurity researchers Victor Viale, Sick Codes, Nick Sahler, Kelly Kaoudis, and John Jackson have recently detected a severe networking vulnerability in the Netmask npm package. In general, the apps use the Netmask to parse IPv4 addresses, and the CIDR relates them. Apart from this, the component has procured more than 238 million downloads till now […]
Recently, the cybersecurity researchers have detected a new malware that is targeting the Xcode developers by adopting the platform’s scripting abilities so that it can install a backdoor on macOS. Xcode is a free application development environment that is produced by Apple, and it enables the developers to construct different applications that operate on macOS, […]
Recently, Netgear has published security updates to inscribe 15 severe vulnerabilities in its JGS516PE Ethernet switch. These flaws involve an unauthenticated remote code execution vulnerability which is considered as one of the critical flaws. According to the cybersecurity analyst, this switch is unprotected to nine high-severity vulnerabilities, and among them, there are five medium-rated ones. […]
Once again Google has fixed another Zero-day vulnerability in the Chrome browser, and this is the second vulnerability that has been recently fixed by Google. However, Google has dispatched the new version “89.0.4389.90” on Friday for all the major platforms (Windows, Mac, and Linux), which is expected to come out in a few days/weeks to […]
The Kroger Company is the United States’ largest supermarket by revenue and the second-largest general retailer. Kroger operates almost 2,750 supermarkets in 35 states. Kroger employs approximately 500,000 people and had over $122 billion in sales for 2019. The company has confirmed that it was impacted by the data security incident affecting Accellion, Inc. Accellion’s […]
Yandex N.V. is a Russian Dutch-domiciled multinational corporation providing Internet-related products and services including transportation, search and information services, eCommerce, navigation, mobile applications, and online advertising. They provide over 70 services. Yandex is the popular leading search engine and E-mail provider in Russia. They announced that a data breach had been discovered during routine screening […]
EMSISOFT, Antivirus Firm revealed a data breach on one of their test systems. The company used the system to evaluate and benchmark possible solutions relating to the storage and management of the log data generated by their products and services. Quickly after becoming aware of the breach, the company took the affected system offline and […]
Livecoin Exchange announces closure following an alleged breach in December. The trading platform declares it will close and repay users any remaining funds. Livecoin servers were compromised last month, and the exchange lost control over its infrastructure. The attacker first modified the crypto exchange rates, inflating them to unrealistic figures. The attack stands out because […]
Tel Aviv-based threat intelligence firm Kela has warned gaming companies to improve their cybersecurity posture after discovering 500,000 breached employee credentials and a million compromised internal accounts on the dark web. With the rise of gamers and purchases, the online gaming industry is estimated to reach $196 billion in revenue by 2022. On the other hand, the […]
A creative Office 365 phishing campaign was discovered by WMC Global Analysis researchers that a legitimate login page of a Microsoft Account, but uses color inversion to avoid matching patterns from image recognition software, according to Kim Komando. “As image recognition software is improving and becoming more accurate, this new technique aims to mislead scanning engines […]
Maze ransomware, one of the most dangerous and potent strains of Windows ransomware that have hit companies and organizations around the world and demanded a payment in cryptocurrency in exchange for a safe recovery of encrypted data, has now officially announced the shutting down of its operations on its website on the dark web. Though […]