Pipka is the name of a new JavaScript skimmer, currenting targeting e-commerce websites. The skimmer is stealing payment card details, such as account number, card expiration date, CVV number, and cardholder name and address from websites’ checkout pages. The Pipka…
There’s a new ransomware called NextCry which is currently targeting NextCloud users. NextCloud is a suite of client-server software for creating and using file hosting services. When it was first observed in the wild, NextCry wasn’t detected by any of…
A new security research reveals yet another security flaw that affects Android smartphones. A chain of two security bugs (CVE-2015-6639 and CVE-2016-2431) were discovered in the Qualcomm Secure World virtual processor, which, fortunately, have already been patched. So, what is…
The well-known criminal collective APT33 who has been carefully targeting individuals and organizations in the U.S., Asia, and the Middle East, has taken special care to make tracking more difficult, say Trend Micro researchers. APT33, who researchers believe is being…
The first ransomware attack happened in 1989. Although primitive by today’s standards, the concept was the same. The virus locked hard drive files, and users needed to pay $189 to “PC Cyborg Corporation” to get the repair disk. Sound familiar?…
The next bug report is related to Facebook and Apple. Apparently, Facebook has just said it will fix a bug that unintentionally accesses the camera of an iPhone while the user is scrolling through the app’s News Feed. The issue…
Cybersecurity conferences provide a significant opportunity for professionals to expand their network, learn from their peers about new developments, gain new insights, and exchange ideas with industry experts. Staying up-to-date with the rapid advancements in tackling security is relentless but…
There is a serious loophole in Mac security, and it is related to macros. The issue affects the Mac version of Microsoft Office. According to the official advisory, “the Microsoft Office for Mac option “Disable all macros without notification” enables…
A TrendMicro employee has been stealing consumer information and selling it to tech support scammers. The company made an announcement regarding this security incident, in which in becomes clear that unauthorized disclosure of personal data of some customers has been…
Phishing has been evolving steadily over the years. As a result, cybercriminals have learned to exploit technical markers such as browser identification, geo-locations and operating system to enable granular targeting. However, these are not the only markers phishers have been…
Security researchers recently discovered a new server “hosting a large stockpile of malicious files”. The analysis shows that malicious actors are targeting a number of organizations with the help of a command-and-control server. This server is hosting samples of ransomware…
“Cybersecurity is the Biggest Threat to the World Economy, CEOs Say” So reads the July 9 headline of a major news publication on its website just two short months ago. Concerns about internet and network security have been around for…
GandCrab (or just Crab) ransomware definitely changed the rules of the ransomware game. The operators behind the infamous cryptovirus created a very profiting business model which others quickly adopted. For example, let’s have a look at the so-called Sodinokibi ransomware.…
Several camgirl websites, operated by Barcelona-based VST Media have been exposed. The exposure of data affects both sex workers and users. The reason for the exposure is an unprotected back-end database. Affected users are mostly based in Span and Europe,…
CVE-2019-13720 is a new vulnerability in Chrome. Google is warning users that this use-after-free vulnerability in the browser’s audio component is currently being exploited in the wild. CVE-2019-13720: some details CVE-2019-13720 was discovered by Kaspersky security researchers Anton Ivanov and…
According to a new Armor report, at least 13 managed service providers (MSPs) have been attacked by ransomware. Due to the nature of an MSP company, attacks on their infrastructure usually have many negative outcomes. A managed service provider manages…
The Italian branch of UniCredit just revealed information about a data breach involving the personal records of 3 million clients. This is the third security incident affecting Italy’s top bank in recent years, Reuters reported. UniCredit Data Breach Affects Millions…
California — keeping with its tradition as a groundbreaker in privacy-related legislation in the US — has passed the strictest data privacy law in the nation, the California Consumer Privacy Act (CCPA), which will be enforceable January 1, 2020, onward.…
CVE-2019-17093 is a vulnerability discovered in all editions of Avast and AVG Antivirus programs. The issue could allow an attacker to load malicious DLL files to bypass protection and achieve persistence on compromised systems. It should be noted that exploiting…
17 infected apps were discovered in the Apple App Store. The apps contained a Trojan clicker type of malware, which communicated with a known command-and-control server to simulate user interactions. Clicker malware is usually deployed for ad fraud, and so…
