A critical vulnerability in HEP SIM could enable attackers to carry out remote code execution attacks, without the need of user interaction. The vulnerability has been assigned the CVE-2020-7200 number, and was originally disclosed in December 2020. Fortunately, the critical…
Security researchers from RiskIQ recently released a detailed analysis of the MobileInter skimmer, which is “a modified and expanded take on Inter skimmer code,” entirely focused on mobile users. “With nearly three out of every four dollars spent online done…
The Linux ecosystem is endangered by a new type of a backdoor with rootkit capabilities. The new malware is also capable of stealing information from the system, such as user credentials and device details, and executing arbitrary commands. Facefish: New…
Where’s Windows 10 Headed? What comes after Windows 10? Microsoft’s CEO Satya Madella recently teased about “the next generation of Windows” in a statement: Soon we will share one of the most significant updates to Windows of the past decade…
AnyDesk is a useful remote desktop access tool that has been installed by more than 300 million users. Unfortunately, hackers found a way to trojanize the application in a recent malvertising campaign. Legitimate AnyDesk App Tarteged by Malvertisers Cybersecurity researchers…
There’s a new vulnerability affecting the Apple Silicon M1 chip. Called M1RACLES, the vulnerability has been assigned the CVE-2021-30747 identifier. A newly discovered flaw in the design of the Apple Silicon M1 chip could enable any two applications running under…
The American manufacturing company Bose has admitted that a ransomware attack hit their systems. The attack was accompanied by a data breach. This sophisticated cyber incident was first detected by the company on March 7, 2021. According to an official…
CVE-2021-21985 is a critical vulnerability in VMware vCenter that needs to be patched immediately. The vulnerability has been rated with a CVSS score of 9.8 out of 10, and it could enable a malicious actor to execute arbitrary code on…
A team of security researchers identified a new type of attack that endangers Bluetooth devices. The vulnerabilities are located in Bluetooth Core and Mesh Profile Specifications, and could help attackers conceal their endeavours as legitimate devices to perform man-in-the-middle attacks.…
How private are Android apps? Security researchers discovered 23 mobile applications leaking the personal data of their users, and making it public to the open internet. According to a new Check Point research, chat messages, emails, locations, passwords, photos, and…
The adoption of cloud collaboration tools in organizations has increased, and so has the interest of hackers. According to a new research by Proofpoint, there has been an acceleration in threat actors exploiting Microsoft and Google’s cloud infrastructure to host…
Earlier this month, four security vulnerabilities in Qualcomm Graphics and Arm Mali GPU Driver that affected Android were patched. Since it is highly likely that the vulnerabilities were exploited in the wild, Google had to update its security bulletin. Four…
A recent announcement on the official Google blog revealed that the company has upgraded the functionalities of its Chrome browser. The Chrome password manager built-in tool which stores users’ login credentials for different sites has been set to detect security…
Here’s an illustrious example of irony in the cybersecurity field. Last week the French branch of cyberinsurance company AXA said it would no longer write policies to cover ransomware payments. Shortly after this announcement, the company’s operations in Thailand, Malaysia,…
Cybersecurity researchers just revealed a new dangerous banking trojan originating from Brazil and targeting Android users in Spain, Portugal, France, and Italy. Called Bizarro, the trojan is attempting to steal login credentials from customers of 70 banks. “Following in the…
The DarkSide ransomware group, known for the attack against Colonial Pipeline, has a new victim – a subsidiary of Japanese tech company Toshiba. The company has admitted to being a victim of a security breach caused by the DarkSide ransomware.…
Security researchers outlined a new ransomware trend that they have been observing – triple extortion. According to Check Point’s latest ransomware report, ransomware operators are now relying on the so-called triple extortion, where they are demanding ransom payments from the…
News reports indicate that Colonial Pipeline paid a ransom in the amount of $5 million to the DarkSide ransomware collective. The devastating attack has also created volatility in the fuel prices in the East Coast. Colonial Pipeline Pays Ransom “The…
To the attention of owners of Apple’s macOS and iOS devices: the Find My device function has been found vulnerable. The vulnerability could be exploited to transfer data to and from random passing devices, even without being connected to the…
Security researchers reported that an Object Injection Vulnerability is found in WordPress. The vulnerability impact has been rated as “critical” by the National Vulnerability Database. WordPress users should patch their sites as soon as possible. The Critical Object Injection Vulnerability…
