Threat actors have once again targeted the Magento platform. The purpose of the campaign is planting payment card skimmers on online stores. According to security researcher Willem de Groot, at least 20 Magento extensions have been abused due to a…
Contrary to popular belief, ransomware is not a new concept. Its first ever iteration came about back in 1991, a.k.a. almost two decades ago, when the Internet was still in its incipient stage. It was known as PC Cyborg, and…
The FreeRTOS operating system widely used by IoT devices can be abused by computer hackers to take down the instances. A team of security researchers recently announced that it contains many bugs allowing hackers numerous pathways to the target IoT…
A security researcher has discovered a jQuery File Upload Plugin Zero-Day Vulnerability that allows hackers to abuse thousands of sites. The flaw was announced to the public alongside the fact that this plugin as adopted by many services and platforms.…
Unknown computer hackers have breached the HealthCare.gov sign-up system and hijacked the personal data of about 75 000 users. This site hosted the service called Federally Facilitated Exchanges (FFE) and is used for healthcare insurance use. An official government announcement…
A security researcher has announced the discovery of a critical vulnerability in two of the most popular media players — MPlayer and VLC. The issue was found in the LIVE555 media streaming library which is used in both applications and…
The authors behind GandCrab ransomware virus have released decryption keys for citizens of Syria. The public release of these decryption keys became a reality due to a tweet made by a Syrian victim. He asked for help with the recovery…
iOS and macOS were long believed invincible but facts and statistics reveal another truth. According to a brand new research, there is a near 400% increase in cryptomining attacks against iPhones. This upsurge has been registered in the last two…
Three of the biggest tech companies, Apple, Microsoft, and Google, have made a cornerstone announcement regarding the support for TLS 1.1 and TLS 1.0. Mozilla is also “in” on this change. In a coordinated effort, the companies shared their intentions…
Security researchers from Anomali and Intel 471 made a troublesome discovery regarding personally identifiable information belonging to US residents. The researchers came across Dark Web communications that offered “a large quantity of voter databases for sale”. Personally identifiable information and…
Security researchers have uncovered a new malicious attack that involves well-known exploits with the purpose to circumvent security solutions. The campaign is spreading information stealers, or pieces of sophisticated spyware. More specifically, attackers are spreading a sophisticated information-stealing Trojan known…
Did you know that nearly 80% of all websites run on PHP? More particularly, “PHP is used by 78.9% of all the websites whose server-side programming language we know”, as revealed by W3Techs statistics. This fact alone makes PHP security…
Computer hackers are abusing the CVE-2018-7600 Drupal vulnerability using a new exploit called Drupalgeddon2 to take down sites. The attacks target site instances running versions 6,7 and 8 of Drupal and use the same security vulnerability which was addressed back…
Facebook takes down SPAM political content against of US-based accounts and pages that have found to such messages. This was announced in a blog post published by the company stating that 59 pages and 251 accounts will be removed. SPAM…
A new large-scale campaign against computer users worldwide has been uncovered to plant cryptocurrency miners via a fake Adobe Flash Update. The security report indicates that the criminals have shifted the tactic of distributing ransomware to cryptocurrency miners using this…
GandCrab 5 ransomware strains were recently released by different hacker collectives as ransomware-as-a-service. The available research shows that the developers behind them are probably offering them in underground markets in the form of RaaS. Gandcrab 5 Ransomware Used In RaaS…
Security experts discovered a zero-day vulnerability affecting Microsoft Windows that is used by hackers to launch targeted attacks. It is being tracked in the CVE-2018-8453 advisory which describes it as a weakness in a Win32 Driver file. Microsoft has addressed…
Researchers have found a bug in WhatsApp messenger, giving hackers remote access by a simple video call that can take control of your app by video calling you over the app. The newly discovered weakness by researcher Natalie Silvanovich is…
A new method to corrupt Windows Ransomware protection has been discovered. Hackers can bypass Controlled Folder Access via Windows Registry Editor. Microsoft has recently added a feature, known as Controlled Folder Access. The feature has been used in order to…
The upcoming version of the Google Chrome web browser will include a new security check labelling old security certificates as non-trusted. This poses a serious issue as many of the top 1 million sites are still using them. Many of…
