In March, 2021, Sentinel Labs researchers became aware of a trojanized Xcode project targeting iOS developers. The project was a malicious version of a legitimate, open-source project available on GitHub, enabling iOS programmers to use several advanced features for animating…
According to a new CISA security advisory, several vulnerabilities exist in the OpENer EtherNet/IP that could lead to denial-of-service attacks, remote code execution, and data leaks against industrial systems. Versions of OpENer released before February 10, 2021 are exposed to…
Remember the slew of vulnerabilities putting Microsoft Exchange servers at risk of various attacks? ProxyLogon Vulnerabilities Used in Cryptojacking Attacks Now another danger should be added to the threat list – cryptojacking also known as cryptocurrency mining. SophosLabs researchers discovered…
How safe are your applications, and how secure are you while using them? Multiple One-Click Bugs in Popular Applications Security researchers reported the abundance of one-click vulnerabilities in multiple popular software apps, allowing threat actors to perform arbitrary code execution…
This month’s Patch Tuesday fixes 110 security vulnerabilities, 19 of which are classified as critical, 88 important, and one under active exploitation. Five of the vulnerabilities are zero-days. CVE-2021-28310 Under Active Exploitation CVE-2021-28310, the vulnerability under attack, is a Win32k…
“On 13th of April 2021, SAP Security Patch Day saw the release of 14 Security Notes,” the most dangerous of which affects its Business Client product. The SAP Business Client Bug The vulnerability resides in the Business Client product, which…
Cracked software is not safe to use, and there are plenty of examples to prove that. Hackers often utilize cracked copies of legitimate programs to spread malware. By downloading the program, the user may also get a trojan horse, backdoor,…
Adobe recently released patches addressing four critical vulnerabilities in Adobe Bridge, and several other flaws in Adobe Digital Editions, Photoshop and RoboHelp. The April update contains all the necessary patches that need to be applied as soon as possible. Fortunately,…
Indian security researcher Rajvardhan Agarwal recently published a proof-of-concept code for a brand new vulnerability affecting Google Chrome, Microsoft Edge, Brave, and Opera (all Chromium-based). The vulnerability resides in the V8 JavaScript engine, and it’s most likely the same flaw,…
Remember Stuxnet? Described as “the first digital weapon,” the devastating computer worm caused substantial damage to Iran’s nuclear program. Natanz Incident: What Happened? According to an announcement made on Sunday, Iran shared that an accident impacted the electricity distribution network…
Several days ago, we reported a large-scale data leak that affected 533 million Facebook accounts. The vulnerability that caused the data leak is now fixed. However, the social media platform is facing an investigation by EU regulators. The data breach…
How safe is Google Play Store? We have written about numerous cases of malicious Android apps hiding in various app stores, directly threatening the owners of the devices. This time security researchers have discovered a wormable piece of Android malware…
Hackers are currently exploiting several security vulnerabilities in popular mission-critical SAP applications. The vulnerabilities enable full takeover and give access to the targeted vulnerable organizations. Several Critical Vulnerabilities in SAP Applications According to the official CISA announcement of the attacks,…
What is the safest way to keep your passwords? Perhaps using a password manager is considered one of the better ways to manage your passwords, especially in a working environment. Unfortunately, despite the available technologies, new Keeper Security study shows…
A new spear phishing campaign leveraging LinkedIn users is using fake job offers to lure potential victims. The payload of the malicious operation is the more_eggs backdoor controlled by the Golden Chicken hackers. According to eSentire security researchers, the phishing…
Have you changed your Facebook password lately? If you haven’t, you may want to change it – security researchers reported a massive data breach exposing the phone numbers and personal details of millions of users. The exposed data consists of…
Security researchers reported vulnerabilities in several legacy models of QNAP network attached storage devices. These devices are prone to remote unauthenticated attacks due to two zero-day flaws – CVE-2020-2509 and CVE-2021-36195. According to SAM’s security research team, QNAP TS-231’s latest…
Is your online privacy respected by large tech companies? Not so much! Both Google’s Pixel and Apple’s iPhone are siphoning mobile device data without the users’ consent. According to researcher Douglas Leith from Trinity College, both iOS and Android transmit…
Cybercriminals constantly reinvent themselves and their hacking approaches. One of the latest “innovations” in the world of cyber scamming focuses on cybercrooks targeting cybersecurity researchers. Cybercrooks posing as cybersecurity researchers… targeting cybersecurity researchers “In January, the Threat Analysis Group documented…
The official PHP Git server was recently compromised in a software supply chain attack. The attackers pushed unauthorized updates to implant a backdoor in the server’s source code. PHP Git Server Cyberattack: What Should You Know? “Yesterday (2021-03-28) two malicious…
