The Zoom conference service has been found to contain a dangerous vulnerability tracked in CVE-2018-15715 that allows hackers to hijack their sessions. A proof-of-concept code demonstration shows that the flaw not only allows the malicious users to listen in to…
A data breach that affects 500 million individuals was just announced. The affected party is US hotel chain Mariott, and more specifically, its Starwood subsidiary’s guest reservation network. Apparently, the network has exposed its entire database consisting of 500 million…
The answer is within the lines of this post, but is not so simple. Before one is given, other questions have to be answered to give you a better understanding of what is a VPN, how VPNs work and what…
Cryptocurrency mining, or cryptojacking for short, is one of the major cybersecurity threats aimed at both individual users and enterprises, entire networks included. According to statistics, one in three organizations has been targeted by cryptocurrency miners. The number of cryptocurrency…
There are successful malicious campaigns, and then there are successful malicious campaigns. This story falls into the second category, as more than 1.7 million infected Windows-running computers were exploited for click fraud. The campaign has been dubbed 3ve, and has…
Linux users and administrators are advised to be vigilant as news broke of a dangerous ransomware targeting them. It’s called the Lucky ransomware and it is deployed in a global attack campaign featuring typical file-encrypting behavior as the numerous variants…
DNA Money, an Indian newspaper, released a report detailing how Microsoft routinely shared the financial details of Indian bank customers with US intelligence agencies. More specifically, “the data of customers running an account with banks that have migrated to Microsoft…
We all have favorite apps and preferred websites which we use on a daily basis. Along with our growing need of apps and services we constantly rely on, lots of new scams pop up that exploit this need. One of…
Nearly four years ago, Lenovo was making the headlines in a pre-installed adware debacle. Back in 2015, the computer manufacturer was caught installing the Superfish Visual Discovery comparison-search engine software by default on its consumer laptops. Shortly after that revelation,…
Deception has always been part of our lives, so have been con artists. With the evolution of the Internet and our ever-growing dependence on it, however, deception in the form of online scams and frauds has amassed. Con artists of…
The L0rdix malware is a newly detected hacking tool that is being offered on the hacker underground markets allowing prospective buyers to use it in attack campaigns against Windows computers. It allows individual hackers and groups to use it in…
A new security report reveals that a dangerous new Linux Trojan has been found to infect computers worldwide. It is categorized as a hybrid threat as it encompasses attack scenarios of several types of infections. The attacks are found to…
Encryption and privacy are two major issues that concern online users around the globe. So any news towards their improvement is good news. Such is the announcement that encrypted email service provider ProtonMail recently launched a standalone VPN (virtual private…
Dropbox’s Offensive Security red team has discovered a set of zero-day vulnerabilities (later assigned CVE-2017-13890) in Apple’s Safari browser. The research team came across the flaws while testing the way Dropbox and its cloud storage system responded to cyberattacks. More…
According to The Register, some Amazon customers have received emails from Amazon notifying them that their names and email addresses have been “inadvertently disclosed” due to a “technical error.” There’s no information about who had access to the compromised information,…
The Emotet malware is back in active campaigns, security researchers warned. Apparently, the malware is hiding in documents in spam messages that pretend to be sent from financial institutions, or masqueraded as Thanksgiving greetings for employees. The last time we…
Have you heard of the so-called IDN homograph attack? This attack endangers Mac users who don’t update their machines regularly. Also known as script spoofing attack, the IDN (internationalized domain name) attack allows threat actors to deceive online users about…
With the upcoming black Friday on the 23rd of November, we have decided to turn a little attention on the type of scams which you should expect to arrive at your doorstep. The 21st century is a good place in…
One of the largest providers of Dark Web hosting services has been hacked, security researchers reported. Apparently, the service known as Daniel’s Hosting was hacked and taken offline. Daniel Winzen, the hosting’s developer, says that the incident occurred on November…
Positive Technologies researchers performed an extensive analysis on ATMs and how they can be attacked. ATMs from several vendors were tested, such a NCR, Diebold Nixdorf, and GRGBanking. The researchers tested a number of typical attacks and exploits that cybercriminals…
