The DoubleGuns botnet has become one of the most significant malware of its category in China. It has developed into a major threat in the past few years and has already caused numerous infections to thousands of computers. DoubleGuns Botnet…
A new highly dangerous, critical vulnerability was identified in the Android operating system. The vulnerability resembles the StrandHogg flaw, revealed last year, but is even more sophisticated. Dubbed StrandHogg 2.0 and also known as CVE-2020-0096, the vulnerability affects all Android…
EasyJet recently revealed that it went through a significant data breach that affected nine million of the company’s customers. The breached data also included more than two thousand credit card details. Following this massive data breach, EasyJet is facing an…
Hangzhou, one of the major IT hubs in China is planning to enforce a tracking app for the citizens of the city. The reasoning for this is the current COVID-19 pandemic, the applications is to be connected to a health…
Enterprise company networks are under attack by a criminal collective known as Blue Mockinbird, a code name used to refer to them. The campaign has just been detected however it has been active since at least December 2019. The hackers…
A new iOS jailbreak was recently released by a group of cybersecurity experts and reverse engineers, known as the Unc0ver team. The jailbreak, called UnC0ver 5.0.0, can root and unlock all iOS devices, including the ones running the most recent…
Facebook is facing another penalty over false data privacy claims. According to Canada’s Competition Bureau, Facebook has mishandled user information by creating the false feeling that users could control who could see and access their personal information via privacy features.…
There’s a new high severity, remote code execution (RCE) vulnerability in VMware Cloud Director. Tracked as CVE-2020-3956, the flaw triggers code injection that allows authenticated attackers to send malicious traffic to Cloud Director. This could then lead to arbitrary code…
GhostDNS exploit kit was making the headlines last year, when it was first discovered by Qihoo 360’s NetLab researchers. Back then, the researchers came across a widespread malicious campaign that had hijacked more than 100,000 home routers to modify their…
The latest large-scale data leak involves the personally identifiable information of 192 million data records of customers in Brazil. Natura, one of the country’s largest cosmetics companies, had a leaky database hosted on two unprotected US-based Amazon servers. Natura Cosmetics…
Another day, another discovery of vulnerabilities. A new malicious attack exploiting the way DNS recursive resolvers operate was just discovered. In detail, the attack exploits the way the resolvers work when receiving NS referral response that contains nameservers but without…
A new type of malicious attack was recently disclosed, based on a new security flaw in the Bluetooth wireless protocol. The attack has been called BIAS (Bias Impersonation AttackS) and is given the CVE-2020-10135 identifier, and it affects the classic…
Mozilla has decided to drop support for Flash for the Firefox browser. This change is going to happen by December 2020. Why is Mozilla implementing this change? According to Plugin Roadmap for Firefox, the main reason is security: Plugins are…
Cybersecurity researchers recently identified more than 300 phishing campaigns created to harvest personal and banking details from potential victims. Most of these scams are using sites that are identical to the original ones, made with authentic images and user interfaces.…
Covid-19 phishing campaigns are on the rise as criminals are taking advantage of the virus pandemic outbreak. The newest payload which is a Node.js Trojan which is otherwise known as QnodeService. According to the available information the detection rate is…
A joint advisory released by USA agencies reveals three new North Korean malware called COPPERHEDGE, TAINTEDSCRIBE, and PEBBLEDASH. The reports are published online at the US CERT site and include not only a description but also a malware analysis of…
What is the current state of iOS security? According to exploit acquisition firm Zerodium, iOS security is not doing that great anymore. Five years ago, Zerodium was offering a reward of $1 million for a browser-based, untethered jailbreak in iOS…
The Cybersecurity and Infrastructure Security Agency (CISA), together with the Federal Bureau of Investigation (FBI), and the broader U.S. Government have released an alert detailing the 10 most exploited vulnerabilities in the period between 2016 and 2019, and also so…
Remember the Astaroth Trojan? Considered to be one of the stealthiest pieces of info-stealing malware, Astaroth continues to evolve in its latest attacks. According to a new report released by Cisco Talos, the malware has obtained two major updates. This…
Intel and Microsoft are working together to create new methods to protect from various new malware, their newest project is the creation of the STAMINA technology. This is a smart AI powered mechanism that allows a system to detect viruses.…
