The Apache Guacamole remote desktop gateway has been identified to contain zero-day vulnerabilities. The identified issues are described as Reverse RDP vulnerabilities which allows criminals to take over the sessions. Identified issues are now tracked in the CVE-2020-9497 advisory. Zero-Day…
The EKANS ransomware which is known as Snake is one of the most prolific hacking tools which are used in large-scale and targeted campaigns against industrial plants. A recently discovered hacking offensive has uncovered that this malware is once again…
A new information disclosure vulnerability, CVE-2020-12418, was just discovered in Mozilla Firefox. Discovered by Cisco Talos, the vulnerability can be exploited by tricking the user into visiting a specially crafted web page via the browser. In case of a successful…
Security researchers detected a surge of sophisticated targeted attacks that originate from the well-known APT15 hacking group. The targets appear to be the Uyghur community living in China and following the incidents analysis it appears that the criminals may be…
Two out-of-band security updates were just released by Microsoft, addressing remote code execution (RCE) security flaws in Microsoft Windows Codecs Library. Several Windows 10 and Windows Server versions are affected by the vulnerabilities, which are known as CVE-2020-1425 and CVE-2020-1457.…
Mac security is once again impacted by a very dangerous threat called the Evilquest ransomware. This is a rare and new malware which has been detected in software installers that have the virus code embedded in them. In comparison with…
Security researchers have detected that an ongoing attack is being carried out by a hacking group called StrongPity using spyware files. The findings shows that this particular campaign appears to be focused against Kurdish targets which are present in these…
How safe do you think your Facebook password is? If you have used one of the 25 Android apps Google just removed from Google Play Store, your Facebook credentials were stolen. The findings come from French cybersecurity firm Evina which…
LenovoEMC NAS devices are the latest targets of a cybercrime group known as Cl0ud SecuritY. LenovoEMC NAS, or network-attached storage devices are currently being targeted by ransomware threat actors who wipe their files and demand a ransom of about $200…
Computer criminals have devised a new infection mechanism that inserts virus code into the meta data of images which are uploaded to eCommerce sites and portals. This method relies on the saving of the code in the meta data which…
Microsoft Office 365 users are the newest victims of a massive phishing attacks designed to blackmail them into opening malware files. The malicious files are hosted in SLK files whih also include a new infection mechanism. New Intrusion Technique Used…
The distribution of the GoldenSpy Trojan, a prominent remote access malware, has been found to infect users via a legitimate Chinese tax application. It appears that the virus code is bundled from within the software and is made part of…
An advanced Microsoft Windows malware called Lucifer has been found to infect target computers using a very sophisticated features set. It has been detected in an active attack campaign which features a novel infection techniques by “bombarding” computer hosts with…
A new report by WatchGuard sheds light on the state of malware so far into 2020. One of the most crucial findings of the report is that 67% of the malware in Q1 of 2020 was distributed via encrypted HTTPS…
The popular messaging Telegram messaging application has been breached by an unknown hacking group. This has resulted in the theft of internal databases which has allowed the criminals to access personal information of millions of users who are registered for…
Exploit kits have been deployed in plenty of ransomware campaigns in the past few years. Some exploit kits have a short life-span, and others, like Magnitude EK, continue to evolve and be improved. In fact, Magnitude EK is one of…
Android users in Android should stay on alert for Android ransomware that poses as a mobile COVID-19 tracer software made for Canadian citizens. The collected samples are categorized to come from the CryoCaptor ransomware family which is a dangerous group…
A new privacy service developed by Privacy Bee, an Atlanta-based platform focuses on removing users’ data from thousands of databases. The idea of the service is to scrub personal data from databases of companies so that the data can’t be…
A serious intrusion into Twitter’s servers has been reported, hackers have been able to breach and hijack the billing information used by the service. According to the available information the incident was localized in the advertising and analytics platform. Twitter…
A remote code execution vulnerability in Bitdefender, known as CVE-2020-8102 was discovered recently. More specifically, the vulnerability resided in the Safepay browser component in the security solution. CVE-2020-8102: Technical Overview Here’s the official description of CVE-2020-8102: Improper Input Validation vulnerability…
