Sucuri researchers just came across a serious vulnerability that affects WordPress website databases. More particularly, a WordPress gallery plugin with more than 1 million active installations has been found to have a severe SQL injection flaw. The researchers say that:…
Are you a Windows user? If so, have you switched to Windows 10, or are you still running an older version of Microsoft’s operating system? According to new market share statistics by NetMarketShare, Windows 7 started growing again in February…
Another day, another vulnerability. Did you hear about the recently revealed remote code execution bug in all (except the latest) ESET Endpoint Antivirus 6 for macOS? The vulnerability in question has been identified as CVE-2016-9892. The vulnerability was discovered and…
Problems were reported with Google Chrome’s latest update. More particularly, Chromebook users were unable to reach the Internet. Chromebooks are primarily used in schools where the connection is protected by proxies like Symantec’s BlueCoat. In fact, the issue with the…
How about that? 2 million voice recordings of children and parents, together with e-mail addresses and passwords belonging to 800,000 accounts have been exposed. The reason? Insecure Internet-connected stuffed animal toys! Voice Recordings and Sensitive Data from Connected CloudPets Toys…
Google’s Project Zero reported to Microsoft a security bug in Edge and Internet Explorer 11 on November 25th, 2016, which still hasn’t been patched. The vulnerability, identified as CVE-2017-0037, would allow remote code execution where attackers could crash browsers and…
E2EMail, an experimental end-to-end encryption system developed by Google, was just made available for open-source usage. “E2EMail is not a Google product, it’s now a fully community-driven open source project, to which passionate security engineers from across the industry have…
In January 2017 the Federal Trade Commission started suing the Taiwanese router production company D-Link because of vulnerabilities in their Wi-Fi routing devices and web cameras. Those vulnerabilities could allow attackers to exploit the devices. Almost two months later, security…
After it was rebranded in 2016, Adwind, the famous remote access tool has been put to use once again. Attacks on more than 1,500 organizations have been reported, and at least 100 countries have been compromised, Kaspersky Lab report reveals.…
Hackers have been detected earlier this month to join almost every lobby in one of the biggest online competitive games out there – Counter Strike:Global Offensive. The hackers did not have any specific need, but a simple message they had…
The last time we wrote about the Necurs botnet was in January, when it was used in Locky ransomware distribution operations. Necurs has been primarily used to spread spam emails in order to infect user systems. The botnet usually infected…
F-Secure, the Finnish web security company, recently released a 34-page transcript from a group chat that belonged to the creators of Spora ransomware family. Spora is a ransomware virus, primarily targeting Russian speakers as evident by its payment page and…
Data breaches that affect the healthcare sector are a huge privacy and security disaster. As Dr. Mansur Hasib told us in an interview, the worst breach in healthcare so far was at Anthem (the Anthem medical data breach that took…
Do you use Chrome? Be alert as a new scam has been reported to target users. The scam has been dubbed “font wasn’t found” and was discovered by Mahmoud Al-Qudsi from NeoSmart Technologies. It has most likely originated from WordPress…
2016 has seen several powerful financial cybercriminal groups specifically targeting large and financially sound organizations. Multiple banks, payment processing systems, hotels, retailers and plenty of other businesses relying on PoS payments were brutally targeted. Details about such attacks were just…
It may come to no one’s surprise that the current ransomware ecosystem is being created and maintained mainly by Russian-speaking cyber criminals. Kaspersky’s research showed that 80% of all crypto-ransomware families originated from Russian underground forums and other similar sources…
The FBI is currently seeking 123 alleged cybercriminals globally, as reported by ITNews. The criminals should face charges before the US court. During the RSA Conference, Steven Kelly, international cybercrime coordination cell (IC4) unit chief, said that the number of…
It’s been a while since we last wrote about RAT-related attacks. However, this is about to change as а new RAT, Remcos, has been detected being sold on underground forums. First noticed in the second half of 2016, the malicious…
The Yahoo saga continues, as the company has again started notifying users of more malicious activities involving more user accounts. Apparently, attackers may have accessed user accounts via fake cookies instead of passwords. Unfortunately, the number of accounts accessed this…
Magento has been targeted once again by new malware that is capable of self-healing. This process is possible thanks to hidden code in the targeted website’s database. The researcher who came across the new malware pattern is Jeroen Boersma. However,…
