Security researchers are warning that cybercriminals are leveraging an older SQL injection security flaw, known as CVE-2019-7481. The vulnerability is located in SonicWall Secure Remote Access (SRA) 4600 devices that run firmware versions 8.x and 9.x. CVE-2019-7481 Currently Used in…
Hackers recently breached Electronic Arts (EA), a company which is a leading publisher of games. As a result of the hack, FIFA’s source code and other related software and developer kits were stolen. The company is currently investigating the attack.…
Have you patched your Chrome browser? Google just fixed a serious vulnerability in its browser, stemming from a type confusion issue in its V8 open-source engine. Tracked as CVE-2021-30551, the vulnerability was discovered by Sergei Glazunov from Google Project Zero.…
Intel just released 29 security advisories addressing 132 various issues in the BIOS firmware of Intel processors. Affected products include Bluetooth products, Active Management Technology tools, the NUC Mini PC machines, and Intel’s own security library. According to Jerry Bryant,…
In the past few years, we have reported several record-breaking password data collections, pointing at large-scale data breaches. It seems that one of the largest such collections, dubbed RockYou2021, has now been shared on a popular hacker forum. Allegedly, the…
Microsoft just fixed 50 vulnerabilities in June 2021 Patch Tuesday, five of which rated critical, and the rest important. Six of the vulnerabilities are currently deployed in malicious attacks, three of which are publicly known. The actively exploited flaws include…
We all know about the scams and dangers often lurking in Google Play Store. Now it turns out that Apple App Store is not that different, either. According to a new analysis conducted by Washington Post, fraud is widespread across…
Siloscape is the name of the first known malware targeting entirely Windows Server containers with the intention to infect Kubernetes clusters in cloud environments. The malware was discovered by Palo Alto Unit 42’s security researcher Daniel Prizmant: In March 2021,…
To the attention of TikTok users and fans: the popular video-sharing service recently revised its U.S. privacy policy, allowing it to automatically collect biometric data from the content of its users. TikTok’s Latest Privacy Policy Change on Biometric Data Collection…
A digital wallet to store payment details and passwords for the European Union bloc should be available in the near future, according to a report by the Financial Times. The application will enable members in all 27 countries to store…
Amazon will be launching a new feature for its hardware devices, such as Echo speakers, Ring Video Doorbells, Ring Floodlight Cams, and Ring Spotlight Cams. Amazon Sidewalk Feature for Echo and Ring Devices The new feature, which will be available…
A critical vulnerability in HEP SIM could enable attackers to carry out remote code execution attacks, without the need of user interaction. The vulnerability has been assigned the CVE-2020-7200 number, and was originally disclosed in December 2020. Fortunately, the critical…
Security researchers from RiskIQ recently released a detailed analysis of the MobileInter skimmer, which is “a modified and expanded take on Inter skimmer code,” entirely focused on mobile users. “With nearly three out of every four dollars spent online done…
The Linux ecosystem is endangered by a new type of a backdoor with rootkit capabilities. The new malware is also capable of stealing information from the system, such as user credentials and device details, and executing arbitrary commands. Facefish: New…
Where’s Windows 10 Headed? What comes after Windows 10? Microsoft’s CEO Satya Madella recently teased about “the next generation of Windows” in a statement: Soon we will share one of the most significant updates to Windows of the past decade…
AnyDesk is a useful remote desktop access tool that has been installed by more than 300 million users. Unfortunately, hackers found a way to trojanize the application in a recent malvertising campaign. Legitimate AnyDesk App Tarteged by Malvertisers Cybersecurity researchers…
There’s a new vulnerability affecting the Apple Silicon M1 chip. Called M1RACLES, the vulnerability has been assigned the CVE-2021-30747 identifier. A newly discovered flaw in the design of the Apple Silicon M1 chip could enable any two applications running under…
The American manufacturing company Bose has admitted that a ransomware attack hit their systems. The attack was accompanied by a data breach. This sophisticated cyber incident was first detected by the company on March 7, 2021. According to an official…
CVE-2021-21985 is a critical vulnerability in VMware vCenter that needs to be patched immediately. The vulnerability has been rated with a CVSS score of 9.8 out of 10, and it could enable a malicious actor to execute arbitrary code on…
A team of security researchers identified a new type of attack that endangers Bluetooth devices. The vulnerabilities are located in Bluetooth Core and Mesh Profile Specifications, and could help attackers conceal their endeavours as legitimate devices to perform man-in-the-middle attacks.…
