A new massive data breach was recently discovered by security researchers. Apparently, on October 16, 2019 Data Viper security researchers Bob Diachenko and Vinny Troia discovered a wide-open Elasticsearch server which contained “an unprecedented 4 billion user accounts spanning more…
Who would’ve thought that the face swap app we all have been enjoying on social media could be a tool that messes another person’s entire life or even a whole nation? Not everything we see is real – these lines…
A new Kaspersky report reveals that four common, open-source VNC (virtual network computing) remote desktop apps contain 37 vulnerabilities that could enable remote attacks. Four common open-source VNC apps contain 37 vulnerabilities The issue with desktop apps is that they…
Great news for bug bounty hunters – Google has announced that its Android Security Rewards (ASR) program is increasing its payouts. The highest bounty is now $1.5 million. Did you know? The Android Security Rewards (ASR) program was created in…
RIPlace is new ransomware bypass technique that was recently detected by security researchers. The technique relies on just a few lines of code to successfully evade built-in ransomware protection features, present in security solutions and Windows 10. The RIPlace technique…
A new malicious campaign had been discovered, carrying the Mispadu backdoor and banking Trojan. The backdoor is using a malvertising trick to spread, and is hiding behind a McDonalds ad to steal payment card information from users. For now, users…
There’s a new botnet currently targeting Linux servers which are running vulnerable Webmin applications. The botnet has been called Roboto. Netlab researchers were capable of capturing the Downloader and Bot modules of the botnet, and they believe that it also…
Artificial Intelligence (AI) promises to improve the performance of every major industry in the world by automating tasks that were earlier done by humans. As more companies now prefer to keep their data on the cloud and as instances where…
CVE-2019-2234 is a brand new vulnerability that affects Google and Samsung smartphones. The vulnerability, which can be described as a permission bypass issue, could allow attackers to hijack the device’s camera to take pictures or record video, even when the…
Skimming attacks are on the rise. Just yesterday we reported about a new skimmer, called Pipka, which is capable of deleting itself from the HTML code of infected pages. Perhaps Pipka is going to be the next big skimming malware…
Pipka is the name of a new JavaScript skimmer, currenting targeting e-commerce websites. The skimmer is stealing payment card details, such as account number, card expiration date, CVV number, and cardholder name and address from websites’ checkout pages. The Pipka…
There’s a new ransomware called NextCry which is currently targeting NextCloud users. NextCloud is a suite of client-server software for creating and using file hosting services. When it was first observed in the wild, NextCry wasn’t detected by any of…
A new security research reveals yet another security flaw that affects Android smartphones. A chain of two security bugs (CVE-2015-6639 and CVE-2016-2431) were discovered in the Qualcomm Secure World virtual processor, which, fortunately, have already been patched. So, what is…
The well-known criminal collective APT33 who has been carefully targeting individuals and organizations in the U.S., Asia, and the Middle East, has taken special care to make tracking more difficult, say Trend Micro researchers. APT33, who researchers believe is being…
The first ransomware attack happened in 1989. Although primitive by today’s standards, the concept was the same. The virus locked hard drive files, and users needed to pay $189 to “PC Cyborg Corporation” to get the repair disk. Sound familiar?…
The next bug report is related to Facebook and Apple. Apparently, Facebook has just said it will fix a bug that unintentionally accesses the camera of an iPhone while the user is scrolling through the app’s News Feed. The issue…
Cybersecurity conferences provide a significant opportunity for professionals to expand their network, learn from their peers about new developments, gain new insights, and exchange ideas with industry experts. Staying up-to-date with the rapid advancements in tackling security is relentless but…
There is a serious loophole in Mac security, and it is related to macros. The issue affects the Mac version of Microsoft Office. According to the official advisory, “the Microsoft Office for Mac option “Disable all macros without notification” enables…
A TrendMicro employee has been stealing consumer information and selling it to tech support scammers. The company made an announcement regarding this security incident, in which in becomes clear that unauthorized disclosure of personal data of some customers has been…
Phishing has been evolving steadily over the years. As a result, cybercriminals have learned to exploit technical markers such as browser identification, geo-locations and operating system to enable granular targeting. However, these are not the only markers phishers have been…
