There are few things as frustrating as a slow browsing speed. When web pages take forever to load and your browser keeps freezing for no reason, doing anything on the web becomes an exercise in patience. Don’t worry though, as…
A trojanized version of TeamViewer has been used in targeted attacks against governmental and financial institutions. The application has been maliciously modified to steal financial information from targets in Europe and worldwide. Among the targeted countries are Nepal, Kenya, Liberia,…
The source code of the infamous Carbanak banking malware was discovered uploaded on VirusTotal. More precisely, security researchers from FireEye say that they found the malware’s source code, builders, and some unknown plugins in two RAR archives that were uploaded…
Password hygiene has not improved much when compared to data we analyzed in 2015. Apparently, the list of worst passwords doesn’t change from year to year, with users continuing to use weak passwords for their accounts. New statistics reveal that…
Cross-site scripting (XSS) is nothing to take lightly. As simultaneously the most prevalent and overlooked security vulnerability around today, this type of breach affects the way your pages load, makes it easier to steal financial and other data, or could…
It’s a fact that we’re facing new vulnerabilities daily. Today’s share of flaws comes from Broadcom WiFi chipset drivers. The flaws (CVE-2019-9503, CVE-2019-9500, CVE-2019-9501, CVE-2019-9502) affect multiple operating systems and could allow remote attackers to perform arbitrary code execution resulting…
„А series of rampant malvertising campaigns“ targeting iOS users have been detected. The campaigns targeted both US and European publishers, and respectively users. According to Confiant security researchers the malicious activities come from a known threat actor called eGobbler that…
Yet another sextortion scam is sneaking into users’ inboxes. The scam which is using the “Warning! Account compromised!” subject line is relying on the spoofing technique to make the user believe their system has been hacked. What Is Spoofing? Spoofing…
If you use AdBlock, AdBlock Plus or uBlock, you should be aware that a security researcher discovered a vulnerability in their filter systems. The loophole may allow remote attackers to inject arbitrary code into web pages. The discovery was made…
Scranos is the name of a new rootkit-enabled spyware which despite its current sophistication appears to be “work-in-progress”. Bitdefender researchers recently discovered that the operators of Scranos are continuously testing new components on already-infected users and regularly making minor improvement…
CVE-2019-0859 is a zero-day vulnerability which was part of this month‘s Patch Tuesday. The vulnerability was detected by Kaskersky Lab researchers who just released detailed technical resume of the issue. In March 2019, Kaspersky’s Exploit Prevention (EP) systems detected an…
Australian police forces have informed the public that cyber-crooks focus on newer targets to drain funds – online payment systems. We are talking about pension funds, salaries as well as invoice payments. The amount of money in such attacks has…
Special team has been recently assigned in reviewing audio in Alexa with the main goal to help improve the way the device responds to commands. Amazon’s Alexa has been purchased countless times and has been used by a lot of…
Microsoft has declined to patch a zero-day vulnerability in Internet Explorer for which a security researcher published details and proof-of-concept. The flaw can allow attackers to steal files from computers running Windows. More specifically, the researcher successfully tested the zero-day…
New alarming statistics reveal that approximately 25 percent of phishing emails taken from a batch of 55 million analyzed emails were marked as clean by Office 365 Exchange Online Protection (EOP). This means that these phishing emails got to recipients’…
A new research reveals vulnerabilities in “a limited number of early implementations of WPA3™-Personal, where those devices allow collection of side channel information on a device running an attacker’s software, do not properly implement certain cryptographic operations, or use unsuitable…
A new highly sophisticated APT framework used for spying purposes was recently uncovered by security researchers. The malicious framework has been in operation for at least 5 years but it’s the first time it’s been detected. The framework has been…
April 2019 Patch Tuesday is here, consisting of fixes for 74 vulnerabilities. Note that two of the flaws (CVE-2019-0803 and CVE-2019-0859, see details below) are actively exploited in attacks in the wild. 13 of the vulnerabilities are rated critical, and…
Verizon Fios Quantum Gateway contains three high-severity vulnerabilities (CVE-2019-3914, CVE-2019-3915, CVE-2019-3916). which could allow command injection. When exploited at once, the flaws could give an attacker complete control over a network. Note that the device is used by millions of…
In December, 2017, malware researchers came across several apps that were published on Google Play and third-party app stores. The apps had surveillance capabilities. Because of the name of the malware’s payload, watchdog, the researchers named the apps AnubisSpy. Anubis…
