CVE-2018-9489 is the identifier of a brand new security flaw affecting Android. The vulnerability allows malicious apps to bypass permission checks and is also easily obtaining access to read more information. This could enable malware to track device location, among…
Security researcher Willem de Groot recently unearthed the most successful (so far) skimming campaign, at the center of which is the MagentoCore skimmer. The skimmer has already infected 7,339 Magento stores in the last 6 months, thus becoming the most…
Recent analysis by Kaspersky Lab researchers indicates that threat actors are increasingly distributing multipurpose malware, which can be deployed in a variety of attack scenarios. More than 150 Malware Families Analyzed The team analyzed more than 150 malware families along…
A new Linux kernel vulnerability identified as CVE-2018-14619 has been discovered by Red Hat Engineering researchers Florian Weimer and Ondrej Mosnacek. More particularly, the flaw was found in the crypto subsystem of the Linux kernel. CVE-2018-14619 Technical Details The flaw…
A researcher, Daniel Le Gall, has uncovered a serious vulnerability in one of Facebook’s servers. The researcher found a Sentry service hosted on 199.201.65.36 with the hostname sentryagreements.thefacebook.com, while scanning an IP range that belongs to Facebook -199.201.65.0/24. Remote Code…
TPM chips used in computers of various types have been found to be vulnerable to two new attack types. These hardware components are part of motherboards used in various industries and case scenarios. New security research shows that malicious actors…
CVE-2014-9222, more famously known as the Misfortune Cookie vulnerability, is a severe security flaw that was disclosed four years ago when it was impacting routers. Reports reveal that the vulnerability is once again active in the wild. This time attackers…
A serious data breach affecting Air Canada has been announced. The company’s mobile app has been affected, and as a result, its 1.7 million users are now forced to change their passwords. Despite this precaution, the number of affected customers…
The creators of GandCrab ransomware do not sleep as the virus has been detected to infect users via what appears to be game and other software cracks, according to recent reports. The GandCrab ransowmare has been steadily updated with more…
According to security researchers, Linux vulnerabilities could be entirely mitigated or “decreased” to “less-than-critical” severity via an OS design which is based on a verified microkernel. To prove their point, a group of academic and government-backed researchers carry out an…
To the attention of WhatsApp users – the company has made an important announcement regarding WhatsApp’s backups. It appears that they will no longer count towards the Google Drive storage quota. In addition, WhatsApp backups that haven’t been updated in…
The security community has reported that a new malicious tactic has been developed called the Synesthesia Side Channel Attack. The available information shows that inaudible acoustic signals can be deciphered into revealing sensitive user content. Several attack scenarios are proposed…
Bank of Spain was hit by a DDoS attack as a result of which the bank’s website was offline on Monday (August 27). According to the bank’s statement, the attack didn’t have any impact on its operations. Also, communications with…
Nowadays, there’s hardly anything that cannot be hacked. Our lives are more vulnerable than they have ever been, and this is mostly due to the smart devices we are using. We won’t be going further into detail about the paradox…
A new Windows zero-day vulnerability has been announced by CERT/CC. The organization just put out a warning of the flaw which is described as a privilege escalation one. The vulnerability was initially announced on Twitter by SandboxEscaper who also said…
Last week, we reported about CVE-2018-11776, a new highly critical vulnerability residing in Apache Strut’s core functionality, also described as a remote code execution vulnerability that affects all supported versions of Apache Struts 2. The flaw is located in the…
A new Mirai botnet version has been released by computer hackers as new attacks deploying it have been detected. The attack campaigns are global and target both individual users and service devices. This is one of the most popular weapons…
Another significant data breach affecting an international company was recently disclosed. T-Mobile announced that it was hit by hackers and as a result of the attack, personal information of some 2 million customers was compromised. This personal information includes name,…
Cyber-attacks have become the biggest reason of concern for organizations and individuals alike. This concern mainly stems from the fact that organizations are ill-prepared to deal with cyber threats. To add to this, hackers are leaving no stone unturned to…
A new vulnerability has been uncovered – the kind that could turn out worse than the one that triggered the Equifax breach. The vulnerability has been identified as CVE-2018-11776, residing in Apache Strut’s core functionality. It is a remote code…
