A new malware campaign has been discovered leveraging an increasing number of legitimate but compromised websites. The malicious operation has been built on social engineering tricks where users are prompted with fake but authentic update notifications, researchers reported. Fake Update…
Facebook just announced launching a Data Abuse Bounty program where people will be rewarded for reporting misuse of data by application developers. Facebook’s Data Abuse Bounty – the Details The Data Abuse Bounty is inspired by the already existing bug…
Computer security researchers uncovered a new malware tactic that uses a HTTP injector attack capable of harvesting mobile data connections. The criminals are actively using this strategy to gain free Internet access. HTTP Injector Attack Method Revealed Related Story: TeleRAT…
April 2018 Patch Tuesday has been rolled out. It contains 66 security fixes for vulnerabilities. One of the more intriguing patches involves an older Microsoft Outlook flaw that was first reported in 2016. However, according to Will Dormann, the vulnerability…
Computer hackers have uncovered a way to abuse the emergency alert services in an attack called SirenJack. This was made possible due to a newly discovered vulnerability in one of the vendors. An Ongoing SirenJack Attack Can Cause Widespread Panic…
CubeYou is yet another data analytics firm currently involved in a Facebook scandal, the CNBC reported. Apparently, the social media platform is suspending CubeYou due to unlawful collection of user information through quizzes. Related Story: 50 Million Facebook Profiles Exploited…
Due to the number of highly critical vulnerabilities in some of its products, Cisco has been the center of attention in the cybercrime world. The latest news regarding the company involves a new hacking group, JHT, which successfully hijacked a…
A new critical vulnerability has been found in Cisco IOS Software and Cisco IOS XE Software that could lead to remote code execution and a denial-of-service condition. An unauthenticated, remote attacker could execute arbitrary code to take full control over…
CVE-2018-0986 is the identifier of a brand new critical Windows vulnerability which resides in Microsoft Malware Protection Engine and affects Windows Defender. The flaw could trigger remote code execution when the engine doesn’t properly scan a specially crafted file leading…
A new piece of Android malware has been discovered. Dubbed KevDroid, the malware is being distributed in the form of a fake anti-virus application called Naver Defender. KevDroid is in fact a remote administration tool that steals sensitive data from…
A security team has detected ongoing LinkedIn phishing attacks that aims to infect users worldwide. Further information about the threat is given in this article. LinkedIn Phishing Attacks Unleashed By Unknown Hackers A security research team has discovered a series…
Google has just put in motion a new Web Store policy regarding Chrome extensions that mine cryptocurrency. There has been a significant uptick in malicious extensions, and the technology giant has decided to ban any such extension that harms users.…
The security community has discovered a dangerous exploit that allows computer criminals to exploit VPN connections and private browsers thereby accessing sensitive data. VPN Software & Browsers Vulnerable to WebRTC Exploit The security community has discovered a dangerous exploit that…
A new Android miner called “HiddenMiner” has been discovered by security researchers. It is a dangerous malware that has the potential to cause imminent device failure. Discovery of the HiddenMiner Android Miner A team of security experts uncovered a dangerous…
The popular CMS system Drupal has been found to contain a highly critical security vulnerability that affects Drupal versions 7 and 8. The flaw has been given the CVE-2018-7600 identifier. Drupal developers are urging admins to patch their websites as…
One of the hottest trends in malware design is AutoHotKey, security researchers say. AutoHotKey or AHK for short is an open-source scripting language that was written for Windows in 2003. In detail, the open-source language was initially aimed at providing…
Three critical vulnerabilities have found in Cisco products. More specifically, Cisco’s IOS and IOS XE contain two flaws – CVE-2018-0151 and CVE-2018-171. The third flaw concerns only Cisco IOS XE Software. If exploited, it could allow an unauthenticated, remote attacker…
Facebook Container is the name of a brand new add-on for Firefox that the Mozilla Foundation released to isolate Facebook and all of its domains from tracking users across the websites they visit while browsing. The add-on is built on…
Instead of fixing things, the patch Microsoft released for the Meltdown bug as part of the January 2018 Patch Tuesday – CVE-2017-5754 – caused further issues on Windows 7. The faulty patch allows user-level apps to read content from the…
Security researchers discovered that a new Android malware strain has plagued the Google Play Store. According to the released information more than 500K downloads of the virus have been initiated. The target applications that sever as the payload delivery mechanism…
