An Indian mobile payment giant MobiKwik has made it to the news in the wake…
MobiKwik Suffered Data Breach – 3.5M Customers’ Data Uploaded to Dark Web on Latest Hacking News.
Wednesday, 31 March 2021
Two Linux Vulnerabilities Could Allow Bypassing Spectre Attack Mitigations
While mitigations are in place to protect Linux systems from Spectre attacks, newly discovered vulnerabilities…
Two Linux Vulnerabilities Could Allow Bypassing Spectre Attack Mitigations on Latest Hacking News.
Decided to move on from your NGAV/EDR? A Guide for Small Security Teams to What's Next
You're fully aware of the need to stop threats at the front door and then hunt any that got through that first gate, so your company installed an EPP/ EDR solution. But like most companies, you've already come across its shortcoming – and these are amplified since you have a small security team. More than likely, you noticed that it has its share of detection blind spots and limitations for
Are you prepared to prevent data loss?
From losing cherished memories to missing deadlines, the impact of not having backups when a data disaster strikes can hardly be overstated
The post Are you prepared to prevent data loss? appeared first on WeLiveSecurity
5G Network Slicing Vulnerabilities Risk DoS, Location Tracking, Data Theft, and Other Threats
Researchers have found some serious vulnerabilities in 5G network slicing and virtualization technology. Exploiting these…
5G Network Slicing Vulnerabilities Risk DoS, Location Tracking, Data Theft, and Other Threats on Latest Hacking News.
Top 4 Reasons Why Network Security Is Critical for Businesses
Cybersecurity has been a primary concern for businesses worldwide for several years now. However, with…
Top 4 Reasons Why Network Security Is Critical for Businesses on Latest Hacking News.
6 Benefits Of GPS Tracking Cameras
GPS tracking systems have been evolving over a good time. Business owners or even common…
6 Benefits Of GPS Tracking Cameras on Latest Hacking News.
Useful Tips for Choosing the Right 3D Printer
3D printers are very versatile pieces of newly developed equipment. They can be used to…
Useful Tips for Choosing the Right 3D Printer on Latest Hacking News.
Backdoor added to PHP source code in Git server breach
Had the incident gone unnoticed, the attackers could have taken over websites using the tainted code
The post Backdoor added to PHP source code in Git server breach appeared first on WeLiveSecurity
Serious Vulnerability In Netmask npm Package Risked 270K+ Projects
A serious vulnerability existed in the Netmask npm package that could allow server-side request forgery.…
Serious Vulnerability In Netmask npm Package Risked 270K+ Projects on Latest Hacking News.
Hackers are implanting multiple backdoors at industrial targets in Japan
Cybersecurity researchers on Tuesday disclosed details of a sophisticated campaign that deploys malicious backdoors for the purpose of exfiltrating information from a number of industry sectors located in Japan. Dubbed "A41APT" by Kaspersky researchers, the findings delve into a new slew of attacks undertaken by APT10 (aka Stone Panda or Cicada) using previously undocumented malware to deliver
Tuesday, 30 March 2021
Harris Federation Education Charity Suffered Ransomware Attack
London-based education trust Harris Federation appears the latest victim of a ransomware attack. The incident…
Harris Federation Education Charity Suffered Ransomware Attack on Latest Hacking News.
How Pandemic-Driven Tech Trends are Changing the Labor Market for Good
The year 2020 will be remembered for many things. Among them will be a global…
How Pandemic-Driven Tech Trends are Changing the Labor Market for Good on Latest Hacking News.
Apple rushes to patch zero‑day flaw in iOS, iPadOS
The bug is under active exploitation by unknown attackers and affects a wide range of devices, including iPhones, iPads and Apple Watches
The post Apple rushes to patch zero‑day flaw in iOS, iPadOS appeared first on WeLiveSecurity
Backdoor In PHP Source Code Discovered
Unidentified attackers recently hacked the PHP Git server to inject the source code with a…
Backdoor In PHP Source Code Discovered on Latest Hacking News.
Monday, 29 March 2021
MobiKwik Suffers Major Breach — KYC Data of 3.5 Million Users Exposed
Popular Indian mobile payments service MobiKwik on Monday came under fire after 8.2 terabytes (TB) of data belonging to millions of its users began circulating on the dark web in the aftermath of a major data breach that came to light earlier this month. The leaked data includes sensitive personal information such as:customer names,hashed passwords,email addresses,residential addresses,GPS
FatFace Disclosed Data Breach; Turns Out It Suffered Ransomware Attack
While ransomware attacks are becoming common, still not every victim firm knows how to deal…
FatFace Disclosed Data Breach; Turns Out It Suffered Ransomware Attack on Latest Hacking News.
Researcher Patented C2FIV Technology As 2FA For Face Recognition Via Facial Movements
Face recognition is one of the modern biometric authentication methods used for various security purposes.…
Researcher Patented C2FIV Technology As 2FA For Face Recognition Via Facial Movements on Latest Hacking News.
Malicious System Update App Targets Android Users With Malware
Android users are now facing a new malware threatening their personal information. The new Android…
Malicious System Update App Targets Android Users With Malware on Latest Hacking News.
SAAS & Security – Best Practices For Businesses
Software as a Service (SAAS) has revolutionised the way we do business. Moving data and…
SAAS & Security – Best Practices For Businesses on Latest Hacking News.
Insurance Giant CNA Went Offline Following A Ransomware Attack
The latest victim of a ransomware attack is the American insurance giant CNA Financial. The…
Insurance Giant CNA Went Offline Following A Ransomware Attack on Latest Hacking News.
Top Security Tips That Every Business Owner Must Know
In this day and age, one can never be too safe. Businesses now need to…
Top Security Tips That Every Business Owner Must Know on Latest Hacking News.
Flaws in Ovarro TBox RTUs Could Open Industrial Systems to Remote Attacks
As many as five vulnerabilities have been uncovered in Ovarro's TBox remote terminal units (RTUs) that, if left unpatched, could open the door for escalating attacks against critical infrastructures, like remote code execution and denial-of-service. "Successful exploitation of these vulnerabilities could result in remote code execution, which may cause a denial-of-service condition," the U.S.
Apple Fixed Serious Actively Exploited Zero-Day Bug With iOS 14.4.2
Heads up iOS users! Make sure to update your devices with the latest iOS version…
Apple Fixed Serious Actively Exploited Zero-Day Bug With iOS 14.4.2 on Latest Hacking News.
New Bugs Could Let Hackers Bypass Spectre Attack Mitigations On Linux Systems
Cybersecurity researchers on Monday disclosed two new vulnerabilities in Linux-based operating systems that, if successfully exploited, could let attackers circumvent mitigations for speculative attacks such as Spectre and obtain sensitive information from kernel memory. Discovered by Piotr Krysiuk of Symantec's Threat Hunter team, the flaws — tracked as CVE-2020-27170 and CVE-2020-27171 (CVSS
How to Effectively Prevent Email Spoofing Attacks in 2021?
Email spoofing is a growing problem for an organization's security. Spoofing occurs when a hacker sends an email that appears to have been sent from a trusted source/domain. Email spoofing is not a new concept. Defined as "the forgery of an email address header to make the message appear as if it was sent from a person or location other than the actual sender," it has plagued brands for decades.
PHP's Git Server Hacked to Insert Secret Backdoor to Its Source code
In yet another instance of a software supply chain attack, someone hacked the official Git server of the PHP programming language and pushed unauthorized updates to insert a secret backdoor into its source code. The two malicious commits were pushed to the self-hosted "php-src" repository hosted on the git.php.net server, illicitly using the names of Rasmus Lerdorf, the author of the programming
Sunday, 28 March 2021
Purple Fox Malware Adopts Wormable Behavior To Target Windows Systems
A new threat has surfaced online for Windows users. Researchers have discovered Purple Fox malware…
Purple Fox Malware Adopts Wormable Behavior To Target Windows Systems on Latest Hacking News.
Saturday, 27 March 2021
Serious Security Vulnerabilities Found In Facebook for WordPress Plugin
WordPress admins using the Facebook for WordPress add-on should update their sites immediately. Researchers have…
Serious Security Vulnerabilities Found In Facebook for WordPress Plugin on Latest Hacking News.
5 Ways How VPN helps you increase your data privacy in 2021
We store a lot of private information on the internet. It’s very important to protect…
5 Ways How VPN helps you increase your data privacy in 2021 on Latest Hacking News.
Week in security with Tony Anscombe
Security and your right to repair – Scams offer fake COVID-19 vaccines and ask for Bitcoin – Jail time for a disgruntled IT contractor
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
Watch Out! That Android System Update May Contain A Powerful Spyware
Researchers have discovered a new information-stealing trojan, which targets Android devices with an onslaught of data-exfiltration capabilities — from collecting browser searches to recording audio and phone calls. While malware on Android has previously taken the guise of copycat apps, which go under names similar to legitimate pieces of software, this sophisticated new malicious app
Friday, 26 March 2021
Apple Issues Urgent Patch Update for Another Zero‑Day Under Attack
Merely weeks after releasing out-of-band patches for iOS, iPadOS and watchOS, Apple has released yet another security update for iPhone, iPad, Apple Watch to fix a critical zero-day weakness that it says is being actively exploited in the wild. Tracked as CVE-2021-1879, the vulnerability relates to a WebKit flaw that could enable adversaries to process maliciously crafted web content that may
Stratus Technologies, Sierra Wireless Suffered Ransomware Attacks
Once again, criminal hackers have targeted two corporate giants to make money by holding their…
Stratus Technologies, Sierra Wireless Suffered Ransomware Attacks on Latest Hacking News.
15 Email Delivery Terms Explained
Imagine that you created a very ideal subject line, chose the best sender name in…
15 Email Delivery Terms Explained on Latest Hacking News.
OpenSSL Releases Patches for 2 High-Severity Security Vulnerabilities
The maintainers of OpenSSL have released a fix for two high-severity security flaws in its software that could be exploited to carry out denial-of-service (DoS) attacks and bypass certificate verification. Tracked as CVE-2021-3449 and CVE-2021-3450, both the vulnerabilities have been resolved in an update (version OpenSSL 1.1.1k) released on Thursday. While CVE-2021-3449 affects all OpenSSL
Cloudflare Enhance Users Safety With Browser Isolation, Page Shield
Cloudflare has launched two separate and useful security enhancements for its consumers in the same…
Cloudflare Enhance Users Safety With Browser Isolation, Page Shield on Latest Hacking News.
Warning issued over scams touting fake COVID‑19 vaccines, asking for Bitcoin
Money doesn’t buy you happiness – cryptocurrency doesn’t buy you a genuine COVID-19 vaccine
The post Warning issued over scams touting fake COVID‑19 vaccines, asking for Bitcoin appeared first on WeLiveSecurity
New 5G Flaw Exposes Priority Networks to Location Tracking and Other Attacks
New research into 5G architecture has uncovered a security flaw in its network slicing and virtualized network functions that could be exploited to allow data access and denial of service attacks between different network slices on a mobile operator's 5G network. AdaptiveMobile shared its findings with the GSM Association (GSMA) on February 4, 2021, following which the weaknesses were
Thursday, 25 March 2021
Another Critical RCE Flaw Discovered in SolarWinds Orion Platform
IT infrastructure management provider SolarWinds on Thursday released a new update to its Orion networking monitoring tool with fixes for four security vulnerabilities, counting two weaknesses that could be exploited by an authenticated attacker to achieve remote code execution (RCE). Chief among them is a JSON deserialization flaw that allows an authenticated user to execute arbitrary code via
Shell Disclosed Third-Party Data Breach Due To Vulnerable Accellion FTA
Joining the list of victims suffering cybersecurity issues following the Accellion FTA bug exploit, now…
Shell Disclosed Third-Party Data Breach Due To Vulnerable Accellion FTA on Latest Hacking News.
Black Kingdom Ransomware Hunting Unpatched Microsoft Exchange Servers
More than a week after Microsoft released a one-click mitigation tool to mitigate cyberattacks targeting on-premises Exchange servers, the company disclosed that patches have been applied to 92% of all internet-facing servers affected by the ProxyLogon vulnerabilities. The development, a 43% improvement from the previous week, caps off a whirlwind of espionage and malware campaigns that hit
Forcing Self-Service Password Reset (SSPR) Registration to Increase ROI
When your organization invests in a new product or service, it is essential that you take advantage of all the features it has to offer. This will help you to maximize your return on investment (ROI). If you have purchased or are thinking about purchasing a self-service password reset (SSPR) tool, one of the most important things you will need to do is make sure that 100% of users are registered
Vengeful IT worker gets jail time for deleting company’s Microsoft user accounts
The company was left to deal with three months’ worth of IT problems
The post Vengeful IT worker gets jail time for deleting company’s Microsoft user accounts appeared first on WeLiveSecurity
Critical Cisco Jabber Bug Could Let Attackers Hack Remote Systems
Cisco on Wednesday released software updates to address multiple vulnerabilities affecting its Jabber messaging clients across Windows, macOS, Android, and iOS. Successful exploitation of the flaws could permit an "attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic, or cause a
Chinese Hackers Used Facebook to Hack Uighur Muslims Living Abroad
Facebook may be banned in China, but the company on Wednesday said it has disrupted a network of bad actors using its platform to target the Uyghur community and lure them into downloading malicious software that would allow surveillance of their devices. "They targeted activists, journalists and dissidents predominantly among Uyghurs from Xinjiang in China primarily living abroad in Turkey,
Wednesday, 24 March 2021
Mozilla Firefox 87 Out With New Default Referrer Policy For More Privacy
The privacy-focused browser Mozilla Firefox has now introduced another feature to protect users. With the…
Mozilla Firefox 87 Out With New Default Referrer Policy For More Privacy on Latest Hacking News.
Bugs In Netop Vision Pro Learning Platform Threatened Students’ Security
Amidst the new-normal of online education, researchers have highlighted how trivial cybersecurity lapses can cause…
Bugs In Netop Vision Pro Learning Platform Threatened Students’ Security on Latest Hacking News.
New CopperStealer Malware Targets Users To Steal Login Credentials
A new malware is in the wild that is actively targeting users to steal credentials…
New CopperStealer Malware Targets Users To Steal Login Credentials on Latest Hacking News.
Now-Patched Android Zero-Day Actively Exploited For Targeted Attacks
Heads up, Android users. A new zero-day is under active exploitation in the wild targeting…
Now-Patched Android Zero-Day Actively Exploited For Targeted Attacks on Latest Hacking News.
Facebook Expands Support For Security Key To Mobile Apps
Striving to enhance user account security, Facebook has now introduced the support for security key-based…
Facebook Expands Support For Security Key To Mobile Apps on Latest Hacking News.
Almost $2 billion lost to BEC scams in 2020
Nearly half of reported cybercrime losses in 2020 were the result of BEC fraud, according to an FBI report
The post Almost $2 billion lost to BEC scams in 2020 appeared first on WeLiveSecurity
Microsoft Defender Now Addresses Exchange Server Vulnerabilities Automatically
Microsoft Exchange Server bugs have wreaked havoc in the business community as they went under…
Microsoft Defender Now Addresses Exchange Server Vulnerabilities Automatically on Latest Hacking News.
Hackers Exploit Telegram API For Server-Side Data Exfiltration
Researchers have found criminal hackers employing a new technique to steal data. This server-side data…
Hackers Exploit Telegram API For Server-Side Data Exfiltration on Latest Hacking News.
Tuesday, 23 March 2021
Purple Fox Rootkit Can Now Spread Itself to Other Windows Computers
Purple Fox, a Windows malware previously known for infecting machines by using exploit kits and phishing emails, has now added a new technique to its arsenal that gives it worm-like propagation capabilities. The ongoing campaign makes use of a "novel spreading technique via indiscriminate port scanning and exploitation of exposed SMB services with weak passwords and hashes," according to 
5 Key elements in the cybersecurity resume
The advancement of the technological world has made cybersecurity a necessity in the present times. …
5 Key elements in the cybersecurity resume on Latest Hacking News.
When repairing things you own may make you an outlaw
How do you balance the right to repair with the requirement to remain secure?
The post When repairing things you own may make you an outlaw appeared first on WeLiveSecurity
Critical Flaws Affecting GE's Universal Relay Pose Threat to Electric Utilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of critical security shortcomings in GE's Universal Relay (UR) family of power management devices. "Successful exploitation of these vulnerabilities could allow an attacker to access sensitive information, reboot the UR, gain privileged access, or cause a denial-of-service condition," the agency said in an advisory
Monday, 22 March 2021
WARNING: A New Android Zero-Day Vulnerability Is Under Active Attack
Google has disclosed that a now-patched vulnerability affecting Android devices that use Qualcomm chipsets is being weaponized by attackers to launch targeted attacks. Tracked as CVE-2020-11261 (CVSS score 8.4), the flaw concerns an "improper input validation" issue in Qualcomm's Graphics component that could be exploited to trigger memory corruption when an attacker-engineered app requests
How to Use DNS History for Cybersecurity
It’s unfortunate that the word “cybercrime” has become a household name, with virtually every individual…
How to Use DNS History for Cybersecurity on Latest Hacking News.
How To Get Started With Game Hacking
Playing video games or being in the industry of gaming makes you aware of hacking.…
How To Get Started With Game Hacking on Latest Hacking News.
BlackRock Malware Reappears On Play Store Posing As Clubhouse App
Popular audio chat app Clubhouse has now made it to the news for a not-so-good…
BlackRock Malware Reappears On Play Store Posing As Clubhouse App on Latest Hacking News.
Tech Giant Acer Suffered REvil Ransomware Attack – Attackers Demand $50M
Popular computer vendor Acer has made it to the news due to a cyber attack.…
Tech Giant Acer Suffered REvil Ransomware Attack – Attackers Demand $50M on Latest Hacking News.
Popular Netop Remote Learning Software Found Vulnerable to Hacking
Cybersecurity researchers on Sunday disclosed multiple critical vulnerabilities in remote student monitoring software Netop Vision Pro that a malicious attacker could abuse to execute arbitrary code and take over Windows computers. "These findings allow for elevation of privileges and ultimately remote code execution which could be used by a malicious attacker within the same network to gain
Zoom Screen-Sharing Glitch May Expose Unintended Information To Others
Heads up, Zoom users! The screen-sharing feature of the Zoom app has a glitch that…
Zoom Screen-Sharing Glitch May Expose Unintended Information To Others on Latest Hacking News.
XcodeSpy Mac Malware Actively Targeting XCode Developers With Backdoor
A new threat has emerged for macOS users. Identified as XcodeSpy, the malware spies on…
XcodeSpy Mac Malware Actively Targeting XCode Developers With Backdoor on Latest Hacking News.
Multiple Bugs In TikTok Android App Could Allow 1-Click RCE Attacks
Numerous security vulnerabilities existed in the TikTok application for Android. Exploiting these bugs in TikTok…
Multiple Bugs In TikTok Android App Could Allow 1-Click RCE Attacks on Latest Hacking News.
5 reasons why (not only) financial companies struggle with cybersecurity
Why do many organizations have a hard time keeping up with the evolving threat landscape and effectively managing their cyber-risks?
The post 5 reasons why (not only) financial companies struggle with cybersecurity appeared first on WeLiveSecurity
Magecart Skimmer Attacks Sites Whilst Hiding Stolen Data In JPG Files
Continuing with their invasive strategies, the e-commerce predator Magecart has developed another malicious feature. As…
Magecart Skimmer Attacks Sites Whilst Hiding Stolen Data In JPG Files on Latest Hacking News.
Critical RCE Vulnerability Found in Apache OFBiz ERP Software—Patch Now
The Apache Software Foundation on Friday addressed a high severity vulnerability in Apache OFBiz that could have allowed an unauthenticated adversary to remotely seize control of the open-source enterprise resource planning (ERP) system. Tracked as CVE-2021-26295, the flaw affects all versions of the software prior to 17.12.06 and employs an "unsafe deserialization" as an attack vector to permit
Sunday, 21 March 2021
Multiple XSS Vulnerabilities Found In Elementor WordPress Plugin Risked Millions of Websites
WordPress admins should rush to update their websites at the earliest if they are using…
Multiple XSS Vulnerabilities Found In Elementor WordPress Plugin Risked Millions of Websites on Latest Hacking News.
Saturday, 20 March 2021
Critical F5 BIG-IP Bug Under Active Attacks After PoC Exploit Posted Online
Almost 10 days after application security company F5 Networks released patches for critical vulnerabilities in its BIG-IP and BIG-IQ products, adversaries have begun opportunistically mass scanning and targeting exposed and unpatched networking devices to break into enterprise networks. News of in the wild exploitation development comes on the heels of a proof-of-concept exploit code that
Friday, 19 March 2021
Week in security with Tony Anscombe
A banking trojan masquerades as Clubhouse for Android – The implications of the Verkada breach – A zero-day patched in Chrome
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
7 steps to staying safe and secure on Twitter
Follow these easy steps to prevent your Twitter account from being hacked and to remain safe while tweeting
The post 7 steps to staying safe and secure on Twitter appeared first on WeLiveSecurity
How Your Business Should Respond to Digital Transformation Cyberwar
With internet connectivity and digitization spreading to all sectors of businesses and even our routine…
How Your Business Should Respond to Digital Transformation Cyberwar on Latest Hacking News.
Multiple Travel Apps Found Exposing User Data Publicly
While mobile applications of ride-sharing and travel services offer convenience to users, they can pose…
Multiple Travel Apps Found Exposing User Data Publicly on Latest Hacking News.
Tesla Ransomware Hacker Pleads Guilty; Swiss Hacktivist Charged for Fraud
The U.S. Department of Justice yesterday announced updates on two separate cases involving cyberattacks—a Swiss hacktivist and a Russian hacker who planned to plant malware in the Tesla company. A Swiss hacker who was involved in the intrusion of cloud-based surveillance firm Verkada and exposed camera footage from its customers was charged by the U.S. Department of Justice (DoJ) on Thursday
Trust your surveillance? Why hacked cameras are very bad
When a breach captures a part of us that is unchangeable, does it mean that we have allowed technology to pry too deeply into our lives?
The post Trust your surveillance? Why hacked cameras are very bad appeared first on WeLiveSecurity
Hackers Infecting Apple App Developers With Trojanized Xcode Projects
Cybersecurity researchers on Thursday disclosed a new attack wherein threat actors are leveraging Xcode as an attack vector to compromise Apple platform developers with a backdoor, adding to a growing trend that involves targeting developers and researchers with malicious attacks. Dubbed "XcodeSpy," the trojanized Xcode project is a tainted version of a legitimate, open-source project available
New Zoom Screen-Sharing Bug Lets Other Users Access Restricted Apps
A newly discovered glitch in Zoom's screen sharing feature can accidentally leak sensitive information to other attendees in a call, according to the latest findings. Tracked as CVE-2021-28133, the unpatched security vulnerability makes it possible to reveal contents of applications that are not shared, but only briefly, thereby making it harder to exploit it in the wild. It's worth pointing out
Thursday, 18 March 2021
FBI: Cybercrime losses topped US$4.2 billion in 2020
The Bureau received over 28,000 reports of COVID-19-themed scams last year
The post FBI: Cybercrime losses topped US$4.2 billion in 2020 appeared first on WeLiveSecurity
Beware Android trojan posing as Clubhouse app
The malware can grab login credentials for more than 450 apps and bypass SMS-based two-factor authentication
The post Beware Android trojan posing as Clubhouse app appeared first on WeLiveSecurity
Researcher Demonstrates Hiding Data In Twitter Images
While steganography is nothing new, a researcher has taken this technique to the next level.…
Researcher Demonstrates Hiding Data In Twitter Images on Latest Hacking News.
Critical RCE Flaw Reported in MyBB Forum Software—Patch Your Sites
A pair of critical vulnerabilities in a popular bulletin board software called MyBB could have been chained together to achieve remote code execution (RCE) without the need for prior access to a privileged account. The flaws, which were discovered by independent security researchers Simon Scannell and Carl Smith, were reported to the MyBB Team on February 22, following which it released an
Trivial SMS Exploit Allows A Hacker To Reroute Messages and Takeover Phone Numbers
Some trivial gaping flaws in SMS communication infrastructure can allow for a complete takeover of…
Trivial SMS Exploit Allows A Hacker To Reroute Messages and Takeover Phone Numbers on Latest Hacking News.
FBI Issues Flash Alert For Rising PYSA Ransomware Attacks Against Educational Institutions
Ransomware attacks have already created chaos globally. However, it now seems a new wave is…
FBI Issues Flash Alert For Rising PYSA Ransomware Attacks Against Educational Institutions on Latest Hacking News.
How to Successfully Pursue a Career in Malware Analysis
Are you looking to becoming a malware analyst? Then continue reading to discover how to gain the training you need and start a career in malware analysis career.Did you know that new malware is released every seven seconds? As more and more systems become reliant on the internet, the proliferation of malware becomes increasingly destructive. Once upon a time, a computer virus might cause
Why Cached Credentials Can Cause Account Lockouts and How to Stop it
When a user account becomes locked out, the cause is often attributed to a user who has simply entered an old or incorrect password too many times. However, this is far from being the only thing that can cause an account to become locked. Another common cause, for example, is an application or script that is configured to log into the system using an old password. Perhaps the most easily
Serious XSS Vulnerability Found In DuckDuckGo Browser Extension
The privacy-focused service DuckDuckGo has recently addressed a serious vulnerability affecting its browser extension DuckDuckGo…
Serious XSS Vulnerability Found In DuckDuckGo Browser Extension on Latest Hacking News.
Google Reveals What Personal Data Chrome and It's Apps Collect On You
Privacy-focused search engine DuckDuckGo called out rival Google for "spying" on users after the search giant updated its flagship app to spell out the exact kinds of information it collects for personalization and marketing purposes. "After months of stalling, Google finally revealed how much personal data they collect in Chrome and the Google app. No wonder they wanted to hide it," the company
Flaws in Two Popular WordPress Plugins Affect Over 7 Million Websites
Researchers have disclosed vulnerabilities in multiple WordPress plugins that, if successfully exploited, could allow an attacker to run arbitrary code and take over a website in certain scenarios. The flaws were uncovered in Elementor, a website builder plugin used on more than seven million sites, and WP Super Cache, a tool used to serve cached pages of a WordPress site. According to Wordfence
Wednesday, 17 March 2021
Mimecast Finds SolarWinds Hackers Stole Some of Its Source Code
Email security firm Mimecast on Tuesday revealed that the state-sponsored SolarWinds hackers who broke into its internal network also downloaded source code out of a limited number of repositories. "The threat actor did access a subset of email addresses and other contact information and hashed and salted credentials," the company said in a write-up detailing its investigation, adding the
[Webinar] Oy Vey, We Hired a Large, Hairy Hacker…
It's not every day that one of the best-known independent cybersecurity individuals joins a cybersecurity company. The two are generally on opposite sides of the coin, with little crossover. After all, they're usually concerned with different parts of the cybersecurity puzzle – one providing platforms and tools to defend organizations, the other keeping them accountable and looking for blind
Google fixes Chrome zero‑day bug exploited in the wild
The latest update patches a total of five vulnerabilities affecting the browser’s desktop versions
The post Google fixes Chrome zero‑day bug exploited in the wild appeared first on WeLiveSecurity
Twitter Adds Support For Multiple 2FA Security Keys To Protect Accounts
While Twitter already recognizes hardware security keys for account protection, they just announced an update.…
Twitter Adds Support For Multiple 2FA Security Keys To Protect Accounts on Latest Hacking News.
18-Year-Old Hacker Gets 3 Years in Prison for Massive Twitter 'Bitcoin Scam' Hack
A Florida teen accused of masterminding the hacks of several high-profile Twitter accounts last summer as part of a widespread cryptocurrency scam pled guilty to fraud charges in exchange for a three-year prison sentence. Graham Ivan Clark, 18, will also serve an additional three years on probation. The development comes after the U.S. Department of Justice (DoJ) charged Mason Sheppard (aka
Apple May Start Delivering Security Patches Separately From Other OS Updates
Apple may be changing the way it delivers security patches to its devices running iOS and iPadOS mobile operating systems. According to code spotted in iOS 14.5, the iPhone maker is reportedly working on a method for delivering security fixes independently of other OS updates. The changes were first reported by the 9to5Mac website. <!--adsense--> While Google's Android has had monthly security
Tuesday, 16 March 2021
New Mirai Variant and ZHtrap Botnet Malware Emerge in the Wild
Cybersecurity researchers on Monday disclosed a new wave of ongoing attacks exploiting multiple vulnerabilities to deploy Mirai variants on compromised systems. "Upon successful exploitation, the attackers try to download a malicious shell script, which contains further infection behaviors such as downloading and executing Mirai variants and brute-forcers," Palo Alto Networks' Unit 42 Threat
Subscribe to:
Posts (Atom)