Remember CVE-2019-16759, the vBulletin vulnerability which was found to affect hundreds of thousands of internet forums? The bug has been exploited in attacks. What is worse, it was leveraged to steal data from Flirtsexchat. As the name suggest, Flirtsexchat is…
One of the malware phenomena that is rapidly expanding is the Geost Android botnet which is reported to have gained the size of more than 800,000 hosts, most of them in Russia. The end goal of the botnet is to…
A Yahoo employee has been found guilty of hacking the inboxes of 6,000 users of the company’s service. The engineer invaded the privacy of the users in order to look for private sexual content belonging to the users — both…
There’s a new iOS exploit that affects all iOS devices running on A5 to A11 chipsets. The exploit is dubbed checkm8 and it was discovered by a researcher known as axi0mx. The checkm8 Exploit Explained The checkm8 exploit leverages vulnerabilities…
There’s a new trend in the black market, and it’s known as disinformation-as-a-service. Security researchers report that underground forums where malware is typically sold are know offering the so-called commercial disinformation services. Cybercriminals are now offering their services to create…
PDFex is the name of a new type of attack that is built by German researchers from several universities, to prove that the PDF encryption is quite vulnerable. PDFex was tested against 27 desktop and web PDF viewers, such as…
A number of high-severity vulnerabilities were unearthed in Cisco IOS and IOS XE network automation software. One of the flaws affects the company’s industrial and grid routers, making the impact incomprehensible. Severe Cisco IOS and IOS XE Vulnerabilities Discovered According…
Ransomware has been known to leverage various known vulnerabilities to gain access to systems. Some vulnerabilities are more common in ransomware attacks, so security researchers at RiskSense decided to analyze the most common ones which are used across multiple families…
An unknown hacking group which is suspected to originate from China has been found to launch a massive attack globally using a Trojanized version of the Narrator service with the PcShare malware. This is particularly dangerous as the ongoing campaign…
Cybercriminals appear to be working on a new way to steal payment card data. According to IBM security researchers, a group of hackers is currently developing malicious scripts to use against commercial-grade Layer 7 (L7) routers. This would entirely change…
A new zero-day vulnerability, CVE-2019-16759, was just unearthed in vBulletin, a proprietary Internet forum software package. The vulnerability was discovered by an anonymous security researcher who published the details about the exploit online, thus exposing vBulletin users to plenty of…
The campaign against malware is ongoing – this is still one of the largest forms of cyberattacks affecting businesses and individuals across the world. To give an idea of the scale of the issue, in early 2019, a team of…
CVE-2019-1367 is a new zero-day vulnerability of the remote code execution kind, for which an emergency patch was just issued. The bug could allow attackers to perform remote attacks with the purpose of gaining access over a system. The vulnerability…
Ransomware continues to be a top threat to both individuals and enterprises. And protection against it is more important than ever. So, it is definitely good news that Cameyo, an application virtualization software-as-a-service platform, is launching a new RDP Port…
To our greatest concern, the services we use daily often become part of data breaches and data leaks, in which our personal details are exposed to cybercriminals. Banks, airlines, hotels, various organizations put our information at risk in databases that…
Small to mid-sized businesses (SMBs) are more targeted by cybercriminals than ever, according to a new AlertLogic report. However, there is a way for SMBs to be protected and it involves cushioning the ports that cyber attackers target the most.…
Skidmap is a new cryptomining malware (cryptominer) that uses loadable kernel modules (LKMs) to sneak into Linux systems. The malware is capable of hiding its malicious activities by displaying fake network traffic stats. According to Trend Micro researchers, who stumbled…
Simjacker is a new set of vulnerabilities that, researchers say, have been exploited for the purpose of surveillance for at least 2 years. The Simjacker vulnerabilities appear to be rather sophisticated and complex, in comparison with previously disclosed attacks over…
The InnfiRAT Malware is a newly discovered threat which includes a sophisticated cryptocurrency theft module. It is written using the .NET framework and targets Windows machines in particular. Cryptocurrency Holders Under Attack By The InnfiRAT Malware Security researchers have discovered…
The PsiXBot malware is an advanced threat that contains several dangerous modules that set it apart from other similar malware of its type. Among them is a sextortion blackmail component that can be very effective against its intended victims. The…
