In the past few years, we have reported several record-breaking password data collections, pointing at large-scale data breaches. It seems that one of the largest such collections, dubbed RockYou2021, has now been shared on a popular hacker forum. Allegedly, the…
Microsoft just fixed 50 vulnerabilities in June 2021 Patch Tuesday, five of which rated critical, and the rest important. Six of the vulnerabilities are currently deployed in malicious attacks, three of which are publicly known. The actively exploited flaws include…
We all know about the scams and dangers often lurking in Google Play Store. Now it turns out that Apple App Store is not that different, either. According to a new analysis conducted by Washington Post, fraud is widespread across…
Siloscape is the name of the first known malware targeting entirely Windows Server containers with the intention to infect Kubernetes clusters in cloud environments. The malware was discovered by Palo Alto Unit 42’s security researcher Daniel Prizmant: In March 2021,…
To the attention of TikTok users and fans: the popular video-sharing service recently revised its U.S. privacy policy, allowing it to automatically collect biometric data from the content of its users. TikTok’s Latest Privacy Policy Change on Biometric Data Collection…
A digital wallet to store payment details and passwords for the European Union bloc should be available in the near future, according to a report by the Financial Times. The application will enable members in all 27 countries to store…
Amazon will be launching a new feature for its hardware devices, such as Echo speakers, Ring Video Doorbells, Ring Floodlight Cams, and Ring Spotlight Cams. Amazon Sidewalk Feature for Echo and Ring Devices The new feature, which will be available…
A critical vulnerability in HEP SIM could enable attackers to carry out remote code execution attacks, without the need of user interaction. The vulnerability has been assigned the CVE-2020-7200 number, and was originally disclosed in December 2020. Fortunately, the critical…
Security researchers from RiskIQ recently released a detailed analysis of the MobileInter skimmer, which is “a modified and expanded take on Inter skimmer code,” entirely focused on mobile users. “With nearly three out of every four dollars spent online done…
The Linux ecosystem is endangered by a new type of a backdoor with rootkit capabilities. The new malware is also capable of stealing information from the system, such as user credentials and device details, and executing arbitrary commands. Facefish: New…
Where’s Windows 10 Headed? What comes after Windows 10? Microsoft’s CEO Satya Madella recently teased about “the next generation of Windows” in a statement: Soon we will share one of the most significant updates to Windows of the past decade…
AnyDesk is a useful remote desktop access tool that has been installed by more than 300 million users. Unfortunately, hackers found a way to trojanize the application in a recent malvertising campaign. Legitimate AnyDesk App Tarteged by Malvertisers Cybersecurity researchers…
There’s a new vulnerability affecting the Apple Silicon M1 chip. Called M1RACLES, the vulnerability has been assigned the CVE-2021-30747 identifier. A newly discovered flaw in the design of the Apple Silicon M1 chip could enable any two applications running under…
The American manufacturing company Bose has admitted that a ransomware attack hit their systems. The attack was accompanied by a data breach. This sophisticated cyber incident was first detected by the company on March 7, 2021. According to an official…
CVE-2021-21985 is a critical vulnerability in VMware vCenter that needs to be patched immediately. The vulnerability has been rated with a CVSS score of 9.8 out of 10, and it could enable a malicious actor to execute arbitrary code on…
A team of security researchers identified a new type of attack that endangers Bluetooth devices. The vulnerabilities are located in Bluetooth Core and Mesh Profile Specifications, and could help attackers conceal their endeavours as legitimate devices to perform man-in-the-middle attacks.…
How private are Android apps? Security researchers discovered 23 mobile applications leaking the personal data of their users, and making it public to the open internet. According to a new Check Point research, chat messages, emails, locations, passwords, photos, and…
The adoption of cloud collaboration tools in organizations has increased, and so has the interest of hackers. According to a new research by Proofpoint, there has been an acceleration in threat actors exploiting Microsoft and Google’s cloud infrastructure to host…
Earlier this month, four security vulnerabilities in Qualcomm Graphics and Arm Mali GPU Driver that affected Android were patched. Since it is highly likely that the vulnerabilities were exploited in the wild, Google had to update its security bulletin. Four…
A recent announcement on the official Google blog revealed that the company has upgraded the functionalities of its Chrome browser. The Chrome password manager built-in tool which stores users’ login credentials for different sites has been set to detect security…
