A denial-of-service vulnerability typical for older versions of Windows has resurfaced in the operating system. The security flaw has been dubbed FragmentSmack (identical to SegmentSmack in Linux) and has been given the CVE-2018-5391 identifier. As explained in Microsoft’s advisory, “an…
The Bristol Airport in the UK has become a victim of a ransomware attack. As a result, the airport’s in-house TV screens needed to display arrival and departure flight information were affected and literally blacked out. The attack happened several…
It’s not a secret that modern apps often become a target of cyberattacks. Gartner reports that 95% of web applications experience attacks because of stolen user passwords. This means a set of symbols is no longer a reliable way of…
Following last year’s disclosure of the BlueBorne vulnerability security experts note that about 2 billion Bluetooth devices are still affected by it. BlueBorne is a collection of bugs that allow the hackers to intrude into them. Many of these devices…
A new tech support scam involving Google Chrome has been detected. Apparently, the scam is using a novel technique to hijack the browsing sessions of Chrome users. The scam relies on well-known tricks such as browser locking where the user…
Another day, another vulnerability. Intel has just released firmware updates for a vulnerability (CVE-2018-3655) in the Intel Converged Security and Manageability Engine (CSME). The security flaw enables threat actors to recover, modify, or delete data stored on Intel’s CPU chip-on-chip…
Computer criminals are constantly looking our for ways to infect computer systems at large. A recent security audit has revealed that hackers are using a 2008 cold boot attack which is still found in modern computers from all major vendors.…
Security researcher and privacy advocate Troy Hunt has reported an intriguing incident involving a free, public, and anonymous hosting service. Apparently, a large database containing email addresses, passwords in clear text and partial credit card details has been uploaded to…
Mongo Lock is a new attack that is aimed at MongoDB databases which have no protection and remote access left open. Mongo Lock is a ransomware threat, which wipes these databases and uses extortion tactics like any other ransomware to…
Jaxx cryptocurrency wallet is the latest victim of hackers. A website spoofing the official website of Jaxx was recently taken down after Flashpoint researchers discovered several infections connected to the operation. The fake site had a URL similar to the…
The Whiplr messenger has been found to utilize an insecure account verification procedure by requesting plain-text usernames and password combinations. This allows malicious users to easily hijack the information using various methods. The Whiplr Messenger Uses an Insecure Account Verification…
A database belonging to Veeam, a data management company, has been leaked online containing sensitive customer records. A deeper look into its contents reveals that many of its customers are Fortune 500 companies which signals a very serious security risk.…
September Patch Tuesday 2018 has been released, fixing a total of 62 security vulnerabilities. The fixes include a recently discovered zero-day bug which was exploited in the wild. This vulnerability has been given the CVE-2018-8440 identifier. More about CVE-2018-8440 The…
A recent report indicates that WordPress site administrators are becoming target to a global phishing scam. It is being orchestrated by an unknown criminal collective, its main goal seems to be the acquisition of sensitive information by coercing the targets…
A serious issue has been identified in the Microsoft Edge and Safari browsers as they have been found to allow address bar spoofing. This vulnerability allows malicious code to redirect the users and lead to potential virus infections. Address Bar…
A new Microsoft Windows zero-day vulnerability known as ALPC LPE has been exploited in the wild. The dangerous fact is that the hacking attacks happened soon after the information was published online. Users from all over the world are affected.…
Zerodium recently reported the discovery of a new zero-day exploit in Tor browser. The same exploit vendor earlier this year offered $1 million for submitting such an exploit for Tor browser. The new Tor zero-day could reveal the identity of…
Security experts report that the LuckyMouse Hacking group has devised a new malicious threat which uses a highly advanced infiltration behavior pattern. This new LuckyMouse Trojan has the capability to infect high-profile networks and is considered a critical infection. Luckymouse…
If you’re an Apple fan or owner of their devices, perhaps you heard. The very popular anti-malware app for Mac called Adware Doctor was removed from the Mac App Store. The reason? The app was collecting browsing histories, as well…
Security researchers have made an aggravating discovery that concerns an increasing number of iOS apps, which have been used to silently and secretly collect location histories from tens of millions of Apple devices. To do so, the apps used packaged…
