Another vulnerability in macOS has been unearthed exposing passwords used for encrypted APFS external drives in plain text. The bug is present in macOS 10.13.1, and according to mac4n6, the researcher who found it, it’s still there in macOS 10.13.3.…
A new report compiled by marketing agency Fractl reveals how much worth is a user’s login for a range of online services used on a daily basis, such as Facebook, PayPal, DHL, and Gmail. The results are staggering. To do…
Facebook is once again at the center of attention, following the events from last week when the Cambridge Analytica scandal burst out. Now, it has come to the attention of several users that the Facebook’s mobile apps for Android have…
TeleRAT is the name of the latest Android Trojan that was discovered by researchers at Palo Alto Networks. The Trojan is designed to use Telegram Bot API for communication with its command and control server with the purpose of exfiltrating…
Trend Micro researchers have observed a new Monero cryptocurrency mining campaign that targets Linux servers. The campaign is using reused and known vulnerabilities – more particularly, a flaw that has been patched for five years. Users should note that the…
Ledger cryptocurrency hardware wallets have been found to be vulnerable, a teenage security researcher revealed in a blog post. The 15-year-old Saleem Rashid discovered the bug that allowed attackers to fabricate the device’s seed generation, and this way harvest any…
CVE-2018-0878 is the identifier of an information disclosure vulnerability that exists in Windows Remote Assistance. The flaw is triggered when WRA incorrectly processes XML External Entities (XXE). An attacker who successfully exploits the flaw could obtain information further abuse the…
Probably the most important factor when it comes to Facebook criticism is the way the social network handles the personal data of its users. Privacy issues related to individual cases have fueled the debate over time. The majority of the…
There were times, not too long ago, when exploit kits were widely deployed by hackers in various types of malicious campaigns. However, with the improvement of browsers and some other security-focused factors, the use of EKs began to decline, and…
Do you remember the Prilex PoS (point-of-sale) malware? Prilex is one of the latest strains of ATM malware pieces that has been used in highly targeted attacks on Brazilian banks. The malware has been developed using the Visual Basic 6.0…
According to a recent research by University of Surrey, cryptocurrencies have become the dominant tool for money laundering. How was the study conducted? Researchers gathered information directly from convicted cybercriminals and law-enforcement agencies. Apparently, crooks are using cryptocurrency to buy…
According to Microsoft’s Security Intelligence Report, Asia was the region with the highest number of ransomware infection in the period between February and December, 2017. The statistics are taken from the report’s special section dedicated to ransomware. Myanmar and Bangladesh…
Android is once again found to be vulnerable to a serious piece of malware, and this time the scale of the infection is larger than one could imagine. Security researchers came across a massive, unceasing campaign that has infected about…
Apparently, MailChimp email service has been frequently abused to deliver spam messages carrying malware infections. Security researchers have been frustrated because this problem has been happening for quite some time. MailChimp Abused in Spam Campaigns Distributing Malware The issue needs…
Are you privacy-savvy and relying on a VPN to keep your online business to yourself? If so, you may want to know that a VPN recommendation site decided to test 3 VPNs to see whether they were flawlessly performing their…
Bitcoin is once again making the headlines, this time thanks to a piece of malware found on Download.com. The malware was stealing malware identified as through swapping user accounts with the accounts of the hackers behind the operation. This operation…
Two critical vulnerabilities (CVE-2018-1050, CVE-2018-1057) have been discovered in Samba, the open-source software that is a re-implementation of the SMB networking protocol. The Samba software can run on popular operating systems such as Windows, Linux, UNIX, IBM System 390, OpenVMS.…
CVE-2018-0886 is the identifier of a critical flaw found in Credential Security Support Provider (CredSSP). The vulnerability affects all versions of Windows and allows malicious hackers remote access to exploit RDP (Remote Desktop Protocol) and WinRM (Windows Remote Management). Related…
Have you been wondering who is behind the enormous amount of spam you receive in your inbox? Security researchers at McAfee have the answer – two botnets are at fault for 97 percent of all spam emails sent out in…
A highly sophisticated threat capable of cyber espionage via targeting routers has been uncovered by researchers at Kaspersky Lab. Dubbed Slingshot, the malware has been used in malicious campaigns on victims in the Middle East and Africa for several years.…
