CStealer is a new Trojan targeting Windows machines that tries to steal passwords stored in Google Chrome. Of course, this is not the first case of such a Trojan being detected in the wild. However, what is new here is…
Are you a Mixcloud user? You should know that the popular digital streaming platform has been through a data breach incident. Apparently, a hacker compromised Mixcloud earlier this month, and is now selling data belonging to 21 million user accounts…
The Common Weakness Enumeration organization has gathered a list of the 25 most dangerous software errors, consisting of the most widespread and critical weaknesses and vulnerabilities in software. In a prevalent number of cases, these weaknesses are easy to find…
Dexphot is one of the latest strains of polymorphic malware detected by security researchers. The malware attacked nearly 80,000 machines throughout the year. Dexphot Infected Tens of Thousands of Computers Dexphot was first detected in October 2018, and it has…
Ransomware has hit a cloud hosting service provider offering services to more than 110 healthcare organizations. Virtual Care Provider Inc., a Wisconsin-based IT company, has been providing its services to nursing homes and assisted living facilities, and is now struggling…
Ransomware infiltrated the systems that were running NYPD’s fingerprint database. The infection took place in October last year, after a contractor connected to the network to set up a digital display, reported New York Post. The incident led to the…
A new massive data breach was recently discovered by security researchers. Apparently, on October 16, 2019 Data Viper security researchers Bob Diachenko and Vinny Troia discovered a wide-open Elasticsearch server which contained “an unprecedented 4 billion user accounts spanning more…
Who would’ve thought that the face swap app we all have been enjoying on social media could be a tool that messes another person’s entire life or even a whole nation? Not everything we see is real – these lines…
A new Kaspersky report reveals that four common, open-source VNC (virtual network computing) remote desktop apps contain 37 vulnerabilities that could enable remote attacks. Four common open-source VNC apps contain 37 vulnerabilities The issue with desktop apps is that they…
Great news for bug bounty hunters – Google has announced that its Android Security Rewards (ASR) program is increasing its payouts. The highest bounty is now $1.5 million. Did you know? The Android Security Rewards (ASR) program was created in…
RIPlace is new ransomware bypass technique that was recently detected by security researchers. The technique relies on just a few lines of code to successfully evade built-in ransomware protection features, present in security solutions and Windows 10. The RIPlace technique…
A new malicious campaign had been discovered, carrying the Mispadu backdoor and banking Trojan. The backdoor is using a malvertising trick to spread, and is hiding behind a McDonalds ad to steal payment card information from users. For now, users…
There’s a new botnet currently targeting Linux servers which are running vulnerable Webmin applications. The botnet has been called Roboto. Netlab researchers were capable of capturing the Downloader and Bot modules of the botnet, and they believe that it also…
Artificial Intelligence (AI) promises to improve the performance of every major industry in the world by automating tasks that were earlier done by humans. As more companies now prefer to keep their data on the cloud and as instances where…
CVE-2019-2234 is a brand new vulnerability that affects Google and Samsung smartphones. The vulnerability, which can be described as a permission bypass issue, could allow attackers to hijack the device’s camera to take pictures or record video, even when the…
Skimming attacks are on the rise. Just yesterday we reported about a new skimmer, called Pipka, which is capable of deleting itself from the HTML code of infected pages. Perhaps Pipka is going to be the next big skimming malware…
Pipka is the name of a new JavaScript skimmer, currenting targeting e-commerce websites. The skimmer is stealing payment card details, such as account number, card expiration date, CVV number, and cardholder name and address from websites’ checkout pages. The Pipka…
There’s a new ransomware called NextCry which is currently targeting NextCloud users. NextCloud is a suite of client-server software for creating and using file hosting services. When it was first observed in the wild, NextCry wasn’t detected by any of…
A new security research reveals yet another security flaw that affects Android smartphones. A chain of two security bugs (CVE-2015-6639 and CVE-2016-2431) were discovered in the Qualcomm Secure World virtual processor, which, fortunately, have already been patched. So, what is…
The well-known criminal collective APT33 who has been carefully targeting individuals and organizations in the U.S., Asia, and the Middle East, has taken special care to make tracking more difficult, say Trend Micro researchers. APT33, who researchers believe is being…
