A brand new macOS exploit has been revealed by researchers. The exploit would allow remote installation of malware on the targeted system with the help of custom URL handlers in Safari. The researchers proved the attack in a demo. It…
The Official MEGA Chrome Extension has been hacked according to security reports, until the issue has been resolved all users should uninstall it immediately. The version offered on The Chrome Web Store has been replaced by a malicious instance that…
The Hakai IoT botnet is a dangerous threat that is being distributed in a global attack campaign targeting home routers of all popular brands. It is built on the foundations of an older threat featuring heavy upgrades. Hakai Iot Botnet…
Tech-support scams have been around for several years, and during that time, they have definitely improved, becoming more difficult to detect or recognize. Unfortunately, this is not only true for online users but also for Google. It turns out that…
Motherboard recently reported that a company [Family Orbit] that is selling spyware to parents to keep track of their children has been hacked. As a result, the pictures of hundreds of monitored children were leaked online, protected only by an…
CVE-2018-9489 is the identifier of a brand new security flaw affecting Android. The vulnerability allows malicious apps to bypass permission checks and is also easily obtaining access to read more information. This could enable malware to track device location, among…
Security researcher Willem de Groot recently unearthed the most successful (so far) skimming campaign, at the center of which is the MagentoCore skimmer. The skimmer has already infected 7,339 Magento stores in the last 6 months, thus becoming the most…
Recent analysis by Kaspersky Lab researchers indicates that threat actors are increasingly distributing multipurpose malware, which can be deployed in a variety of attack scenarios. More than 150 Malware Families Analyzed The team analyzed more than 150 malware families along…
A new Linux kernel vulnerability identified as CVE-2018-14619 has been discovered by Red Hat Engineering researchers Florian Weimer and Ondrej Mosnacek. More particularly, the flaw was found in the crypto subsystem of the Linux kernel. CVE-2018-14619 Technical Details The flaw…
A researcher, Daniel Le Gall, has uncovered a serious vulnerability in one of Facebook’s servers. The researcher found a Sentry service hosted on 199.201.65.36 with the hostname sentryagreements.thefacebook.com, while scanning an IP range that belongs to Facebook -199.201.65.0/24. Remote Code…
TPM chips used in computers of various types have been found to be vulnerable to two new attack types. These hardware components are part of motherboards used in various industries and case scenarios. New security research shows that malicious actors…
CVE-2014-9222, more famously known as the Misfortune Cookie vulnerability, is a severe security flaw that was disclosed four years ago when it was impacting routers. Reports reveal that the vulnerability is once again active in the wild. This time attackers…
A serious data breach affecting Air Canada has been announced. The company’s mobile app has been affected, and as a result, its 1.7 million users are now forced to change their passwords. Despite this precaution, the number of affected customers…
The creators of GandCrab ransomware do not sleep as the virus has been detected to infect users via what appears to be game and other software cracks, according to recent reports. The GandCrab ransowmare has been steadily updated with more…
According to security researchers, Linux vulnerabilities could be entirely mitigated or “decreased” to “less-than-critical” severity via an OS design which is based on a verified microkernel. To prove their point, a group of academic and government-backed researchers carry out an…
To the attention of WhatsApp users – the company has made an important announcement regarding WhatsApp’s backups. It appears that they will no longer count towards the Google Drive storage quota. In addition, WhatsApp backups that haven’t been updated in…
The security community has reported that a new malicious tactic has been developed called the Synesthesia Side Channel Attack. The available information shows that inaudible acoustic signals can be deciphered into revealing sensitive user content. Several attack scenarios are proposed…
Bank of Spain was hit by a DDoS attack as a result of which the bank’s website was offline on Monday (August 27). According to the bank’s statement, the attack didn’t have any impact on its operations. Also, communications with…
Nowadays, there’s hardly anything that cannot be hacked. Our lives are more vulnerable than they have ever been, and this is mostly due to the smart devices we are using. We won’t be going further into detail about the paradox…
A new Windows zero-day vulnerability has been announced by CERT/CC. The organization just put out a warning of the flaw which is described as a privilege escalation one. The vulnerability was initially announced on Twitter by SandboxEscaper who also said…
