Google continues its practice of scanning the data of Gmail users even though the company announced that they would stop using the Gmail content of consumer users for ad personalization. This controversial practice has been sighted to continue due to…
CVE-2018-1000136 is the identifier of a security vulnerability in the Electron framework used in popular apps such as Skype, Slack, Signal, and WhatsApp. The Electron framework is open-source and is created and maintained by GitHub. The flaw was discovered by…
Volkswagen has been found prone to car-hacking vulnerabilities, a detailed Computest report recently revealed. Researchers unearthed that the IVI systems (In-Vehicle Infotainment) in some Volkswagen models are vulnerable to remote hacking. These vulnerabilities could also lead to the compromise of…
Because of how popular it is among users worldwide, Facebook has often been leveraged in various scams and malware attacks. The social platform is regularly abused by cybercriminals who use it to spread their payloads via malicious links in messages.…
A new critical vulnerability has been discovered in Linux kernel up to version 4.16.5, security researchers just reported. The flaw, which is given the CVE-2018-10940 identifier is said to affect the function cdrom_ioctl_media_changed of the file drivers/cdrom/cdrom.c. Related Story: CVE-2018-8781:…
CVE-2018-10115 is the identifier of the latest security vulnerability discovered in 7-Zip that affects all the versions of the program prior to 18.05. More about 7-Zip 7-Zip is a free open-source archiver with a high compression ratio. The program is…
Smart assistants, such as Amazon Echo or Google Home, are changing habits and making the lives of more than 45 million users in the US more organized. Virtual home assistants may look like stylish music speakers matching your home interior.…
Twitter announced a critical security bug that has been identified in the service and is now prompting users to change their passwords. The problem lies in the way the account login passwords are stored in the internal database. Change Your…
Two magnetic tapes containing transaction details for 12 million accounts that belong to Australia’s Commonwealth Bank are missing. This incident is perhaps the largest data loss in Australia. Curiously, the incident stayed under the radar for two years – until…
2017 was a year of increasing menace for ransomware, its first real breakthrough year found it on the front-pages of mainstream media as well as highbrow IT publications. The rapid ascension of WannaCry, GoldenEye, NotPetya led to heightened apprehension and…
A security expert from Argentina has shed light on a new hacking tool called GetDvR that exploits the CVE-2018-9995 vulnerability against IoT devices. It is able to extract account credentials of DVR devices thereby accessing the devices and their video…
Check Point researchers recently decided to review the Linux kernel, and more specifically they looked into drivers trying to roll their own usage of the mmap() function. CVE-2018-8781 Official Description: The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version…
Facebook has been widely accused of being negligent and abusive in terms of the privacy of its users. However, it is not the only social network that has been caught at the crime scene. Apparently, Twitter has recently confirmed to…
Security researchers at Kromtech recently came across a MongoDB database that contained the personal details of more than 25,000 users who invested in the Bezop (BEZ) token. The database contained plenty of personal details including full names, home addresses, email…
Security researchers just discovered a new phishing attack that is responsible for the distribution of over 550 million emails since Q1 2018. The campaign was first detected in the beginning of January when it was observed targeting users on a…
This article is about a recent ransomware threat that has hit thousands of Hewlett-Packard Enterprise Integrated Lights-Out 4 interfaces or HPE iLO 4 for short. These interfaces provide access to HP Enterprise servers and their remote control. The ransomware threat…
The world’s biggest DDoS-for-hire service, Webstresser.org, is now down thanks to a coordinated international operation. The DDoS provider was shut down on Wednesday after a thorough investigation carried out by UK’s National Crime Agency and the Dutch National Police and…
Drupalgeddon continues with one more remote code execution bug has been discovered in content management system. Identified as CVE-2018-7602, the highly critical vulnerability affects Drupal versions 7.x and 8.x. Affected users should immediately upgrade to Drupal v7.59 and 8.5.3. The…
Cryptomining malware has dethroned ransomware as the number one cyber threat, and as such, it is evolving rapidly. That being said, a Python-based Monero miner using stolen NSA exploits and disabling security features has been discovered by security researchers. Related…
Security researchers at AdGuard recently revealed some interesting findings regarding the use of fake ad block extensions. There is evidence that some twenty million Chrome users have been tricked into downloading and installing rogue browser extensions concealed as ad blocking…
