A new type of cryptojacking (cryptomining) worm has been detected in the wild. This cryptojacking worm is using vulnerable Docker hosts to spread, which is something rarely seen in malware attacks. Dubbed Graboid, the worm has spread to more than…
The following story can be described as a “hack the hackers” type of story. Apparently, one of the largest underground stores for purchasing stolen credit card data has been hacked itself. As a result, more than 26 million credit and…
Pitney Bowes, a mailing equipment and services company based in Stamford, Connecticut, has been hit by ransomware. The company says that no customer data has been compromised in the attack. According to the official statement, the company experienced an “outage”…
Security researchers reported the discovery of six serious vulnerabilities in WordPress. The vulnerabilities’ impact has been rated as “high”, meaning that patching as soon as possible is highly advisable. Six WordPress Vulnerabilities Fixed in WordPress 5.2.4 According to Symantec’s security…
CVE-2019-14287 is a new vulnerability discovered in Sudo. Sudo is considered one of the most important and widely used programs for Unix- and Linux-based operating systems that allows a permitted user to execute a command as the superuser or another…
According to a brand new research, Apple is sharing some browsing history with China. More specifically, the company is sending some browsing history of iOS 13 Safari users to Tencent Holdings Limited, a Chinese multinational conglomerate. Tencent specializes in various…
How educated are Americans on the various cybersecurity topics? The conclusion is, not enough. According to the results of a new Pew Research Center survey, 55% of Americans couldn’t identify what 2FA is. What is worse, just 30% of surveyed…
An unknown hacking group has been found to exploit Apple’s iTunes and iCloud programs in order to deploy ransomware. This is possible by using a zero-day vulnerability which allows the criminals to implant the malicious code without alerting any installed…
CVE 2019-1166 and CVE-2019-1338 are two vulnerabilities in Microsoft’s NTLM authentication protocol which were discovered by Preempt researchers. Fortunately, both flaws were patched by Microsoft in October 2019 Patch Tuesday. Attackers could exploit the flaws to achieve full domain compromise.…
iTerm2, a well-known open-source terminal emulator macOS app, has been found vulnerable to e critical flaw, which is known as CVE-2019-9535. The flaw was discovered during an audit sponsored by Mozilla, the company behind the Firefox browser. As for the…
SVE-2019-15435 is one of 21 vulnerabilities in Samsung devices which affect Galaxy S8, S9, S10, S10e, S10 Plus, S10 5G, Note 9, Note 10 and Note 10 Plus users. SVE-2019-15435 in particular is a critical issue, which is described as…
Webroot has released a new threat report which sums up what has been happening in the malware sector so far in 2019. The report is described as a “mid-year update to the annual Webroot Threat Report” and it showcases data…
A dangerous new hacking collective known as Mustang Panda is leveraging macro-infected documents to target users worldwide. The large-scale campaign appears to be against both public and private sectors. At the moment there is no information available about the intentions…
Hacking groups have been found to use outdated VPN software and specific exploits found in them to spy on the victims. This is according to several reports from government security agencies. This is particularly dangerous as the criminal collectives can…
LiLocked ransomware, also known as LiLu, is once again active in campaigns, this time affecting thousands of web servers. This is a new strain of the LiLocked ransomware which we wrote about in July this year. LiLocked Ransomware Currently Targeting…
