California — keeping with its tradition as a groundbreaker in privacy-related legislation in the US — has passed the strictest data privacy law in the nation, the California Consumer Privacy Act (CCPA), which will be enforceable January 1, 2020, onward.…
CVE-2019-17093 is a vulnerability discovered in all editions of Avast and AVG Antivirus programs. The issue could allow an attacker to load malicious DLL files to bypass protection and achieve persistence on compromised systems. It should be noted that exploiting…
17 infected apps were discovered in the Apple App Store. The apps contained a Trojan clicker type of malware, which communicated with a known command-and-control server to simulate user interactions. Clicker malware is usually deployed for ad fraud, and so…
Security researchers uncovered a dangerous new hacking mechanisms which allows criminals to launch devastating attacks against content delivery networks. The new attack type is known as CPDoS which stands for “Cache-Poisoned Denial-of-Service “, this is categorized is a type of…
A bunch of critical security vulnerabilities affect Mozilla Firefox browser. Another high-severity flaw was also discovered in Google Chrome. It appears that all bugs could lead to arbitrary code execution. According to an advisory by MS-ISAC (Multi-State Information Sharing and…
When we think of cybercrimes against businesses, it can be easy only to consider the immediate effect: the data that is stolen by hackers during the breach. However, there is actually far more to think about. Here we take a…
A recently published report reveals that hacking groups are using a virus designed for ATM machines called Cutlet Maker, the attacks of this type are also known as “jackpotting”. This is due to the fact that when the virus is…
The Skip-2.0 malware is a dangerous threat which is being launched by a hacking group known as Winnti. These hackers are referred to as a mega-collective as several smaller hacking groups use this name to identify themselves. The criminals are…
The Agent Tesla malware is among the most popular tools used by hackers in order to launch global phishing campaigns. The analysis shows that the CVE-2017-11882 vulnerability is being used in combination with malware documents in order to lead to…
A new serious Wi-Fi vulnerability has been reported by security researchers, this time in Linux. The vulnerability which resides in the rtlwifi driver that mainly supports the Realtek Wi-Fi chips model used in Linux devices, could allow attackers compromise a…
A security report indicates that a new malware is being launched against victims worldwide, this time this is the Phorpiex botnet. The criminals use a sextortion social engineering scam that manipulates the recipients into thinking that they need to pay…
Remember the KRACK vulnerabilities? The vulnerabilities were uncovered in 2017 when a team of experts engineered a dangerous exploit called the Krack Attack which makes it possible for malicious users to eavesdrop on Wi-Fi traffic between computers and other network…
A new type of cryptojacking (cryptomining) worm has been detected in the wild. This cryptojacking worm is using vulnerable Docker hosts to spread, which is something rarely seen in malware attacks. Dubbed Graboid, the worm has spread to more than…
The following story can be described as a “hack the hackers” type of story. Apparently, one of the largest underground stores for purchasing stolen credit card data has been hacked itself. As a result, more than 26 million credit and…
Pitney Bowes, a mailing equipment and services company based in Stamford, Connecticut, has been hit by ransomware. The company says that no customer data has been compromised in the attack. According to the official statement, the company experienced an “outage”…
Security researchers reported the discovery of six serious vulnerabilities in WordPress. The vulnerabilities’ impact has been rated as “high”, meaning that patching as soon as possible is highly advisable. Six WordPress Vulnerabilities Fixed in WordPress 5.2.4 According to Symantec’s security…
CVE-2019-14287 is a new vulnerability discovered in Sudo. Sudo is considered one of the most important and widely used programs for Unix- and Linux-based operating systems that allows a permitted user to execute a command as the superuser or another…
According to a brand new research, Apple is sharing some browsing history with China. More specifically, the company is sending some browsing history of iOS 13 Safari users to Tencent Holdings Limited, a Chinese multinational conglomerate. Tencent specializes in various…
How educated are Americans on the various cybersecurity topics? The conclusion is, not enough. According to the results of a new Pew Research Center survey, 55% of Americans couldn’t identify what 2FA is. What is worse, just 30% of surveyed…
An unknown hacking group has been found to exploit Apple’s iTunes and iCloud programs in order to deploy ransomware. This is possible by using a zero-day vulnerability which allows the criminals to implant the malicious code without alerting any installed…
