Browsing tag
Ethical hacking specialists report a serious ransomware incident that has infected internal networks at TrialWorks, a platform that provides a legal case management software service. During the incident, more than 10% of the platform’s users were unable to access their accounts and files. The incident would have occurred during the first two weeks of October, […]
Big cities have always been one of the hackers’ favorite targets. This time, a group of threat actors managed to compromise the computer networks of Johannesburg, South Africa’s commercial capital, trying to get a huge ransom. According to experts in web application security, as a security measure the city government decided to suspend the operations […]
A group of ethical hacking experts has discovered a malware variant present in at least 17 apps for Apple, all available in the App Store. The company has started to remove malicious apps from the official store, although it is reported that a considerable number of users would have downloaded at least one of these […]
According to digital forensics specialists, Amazon Web Services (AWS), the technology giant’s cloud computing services division, has been the victim of a sustained denial of service (DoS) attack. Apparently, the threat actors kept the attack for more than eight hours. The attack affected the company’s DNS Router 53 service, although many other outages were reported […]
Vulnerability testing specialists report the finding of a new security flaw across multiple versions of Android OS (full report here). By default, no Android app can perform operations that negatively impact other apps, the operating system or the user, so activities such as reading or writing to private data, accessing the files of another app, […]
A new measure against misuse of personal information involves severe penalties for executives of any company. According to data protection experts, the US Congress has proposed a new bill known as the “Mind Your Own Business Act”. As set forth in this project, senior executives of any company who engage in erroneous information management practices […]
Information security specialists reported a serious ransomware infection at automation company Pilz, based in Germany. For more than a week, the company’s operations have been disrupted due to infection with the dangerous encryption malware variant known as BitPaymer. On its website, the company released a statement that says: “Pilz has been the victim of a […]
A group of information security specialists from the security firm WizCase (complete report here) has reported the finding of multiple data leaks from medical websites and software solutions around the world. The compromised information includes prescriptions, diagnoses, Social Security numbers and, in many cases, full names and addresses. All databases were found unsecured, as experts […]
Virtual private network services (VPN) company NordVPN has revealed a hacking incident that occurred last year. According to web application security experts, in March 2018 a threat actor broke into one of the company’s servers, located in Finland, exposing some data on the browsing habits of its customers. NordVPN states that the server did not […]
The team of web application security specialists at vpnMentor has discovered a massive breach in a database operated by Autoclerk, a reservation management system owned by Best Western Hotels & Resorts Group. Because this database is connected to some platforms related to travel and hospitality services, this could be a real danger to thousands of […]
A recent investigation by vulnerability testing specialists at security firm SafeBreach Labs has revealed the presence of a critical vulnerability in the Avira 2019 antivirus tool software. Tracked as CVE-2019-17449, this vulnerability could have been used to evade target system defenses, gain persistence, and perform privilege escalations by loading an arbitrary dynamic link library (DLL) […]
The activities of government-sponsored hacker groups can have disastrous consequences. A group of digital forensics experts from ESET has revealed the existence of a new malware developed by Winnti, a hacking group backed by the Chinese government, with the purpose of gaining persistence in a targeted Microsoft SQL Server system. Identified as skip-2.0, this malware […]
Even security companies are exposed to cyberattacks. IT system audit specialists report that security software developer Avast has become victim of an attack on their internal networks. Through a statement, the Czech-based company mentioned that hackers most likely tried to inject malware into the CCleaner tool code, similar to the incident occurred a couple of […]
A new hacking incident against famous actresses has been revealed. Cybersecurity experts report that singer and actress Demi Lovato has become the victim of a threat actor, an incident that led to the mass posting of some intimate photos. Hackers exposed online some screenshots of the actress’ Instagram and Snapchat accounts; although his face is […]
According to digital forensics experts, Cisco has embarked on a new workday full of security patches to fix multiple critical vulnerabilities present in its Aironet wireless access points, widely used by small and medium companies. The company also released additional security patches to fix various flaws in other of its products. The most severe of […]
A new security flaw has caught the attention of vulnerability testing experts. A recently published report mentions that a severe vulnerability in the Linux operating system could allow a nearby device to use a WiFi signal to lock or compromise the target machine. The vulnerability resides in the RTLWIFI driver, used for compatibility of Realtek […]
Digital forensics specialists report a new attack method consisting of the use of WAV audio files to hide and deliver backdoors and software for the mining of the Monero cryptocurrency on infected systems. Other variants of this method injected malware by hiding their payloads in JPEG or PNG image files using steganography, a technique widely […]
Cybercrime has been severely struck. Thanks to the extensive work of the authorities in various countries, and a leak of IP addresses, web application security experts and law enforcement agencies were able to dismantle the operations centre of the person in charge of one of the largest child pornography websites. Hundreds of people have already […]
A report by vulnerability testing experts states that a relatively old WiFi vulnerability affects millions of Amazon Echo and Kindle devices from different generations. This flaw, known as a KRACK attack, allows threat actors to deploy Man-in-The-Middle (MiTM) attacks to access a WiFi network with WPA2 protection. The Key Reinstallation Attack (KRACK) vulnerability was first […]
IT security audit researchers at security firm Safety Detectives have revealed a massive data leak (up to 2 terabytes) hosted on an Elastic Server. The flaw affects around 3.5 million users of websites Pouringpounds.com and Cashkaro.com in India and the United Kingdom, whose data is already on sale on dark web. Both websites are operated […]
You never know where a hacker might appear. Digital forensics specialists report that a teenager managed to infiltrate the systems of a high school in the suburbs of Maryland, US, to extract personal information, academic registers, and SAT test scores from more than 1300 students. In a statement, Montgomery County revealed that the young man […]