Archive
Researchers discovered a new firmware vulnerability in TP-link Archer C5 (v4) routers Let the attacker gain an Admin Password, and allow them remote takeover the router. Once the vulnerability has successfully exploited, a remote attacker takes over the router configurated
An internal whistleblower has raised concerns about the cybersecurity of Minnesota’s largest health insurer, BlueCross BlueShield. As reported yesterday by the Star Tribune newspaper, the whistleblower expressed concern that BlueCross BlueShield had left its system vulnerable to attack by neglecting
LightInTheBox Leaks Over 1TB of Customer Data
A Chinese online retailer with a huge North American fanbase has leaked more than 1 terabyte of customer data. The major breach in the security of LightInTheBox was discovered by researchers at vpnmentor on November 20. Researchers were able to
New Jersey’s largest hospital health network has paid threat actors an undisclosed sum to restore data compromised in a cyber-attack. Hackensack Meridian Health’s computer systems were shut down after being infected with ransomware on Monday, December 2. The attack caused
WhatsApp fixed a severe bug that could have allowed a malicious group member to crash the messaging app for all members of the same group. WhatsApp addressed a severe vulnerability that could have allowed a malicious group member to crash
Critical Whatsapp Bug Let Hackers to Crash & Delete Group Messages by Sending a Single Destructive Message
A new Whatsapp bug that allows hackers to crash the WhatsApp by sending a single destructive group chat message for all the group members and delete all the group’s chat history. Security researchers from Checkpoint discovered the bug buy manipulating
TP-Link has addressed a critical vulnerability impacting some TP-Link Archer routers that could allow attackers to login without passwords. TP-Link addressed a critical zero-day vulnerability (CVE-2017-7405) in its TP-Link Archer routers that could be exploited by attackers to remotely take
Emotet Spammers Send Christmas Phishing Emails
Spammers behind one of the most prolific botnets of recent years have begun bombarding users with Christmas-themed phishing lures, according to researchers. Phishing emails sent by the Emotet botnet were spotted by Cofense Labs. With typical subject lines such as
Despite the importance of setting strong passwords, users continue to setup week passwords which are easy to guess for an attacker. A strong password is key to protect your digital assets. Here is the list of Worst Passwords 2019 Memorizing
Security researchers have uncovered a massive 890GB database containing over one million highly sensitive web browsing records leaked by a South African IT company. The Elasticsearch database, which was left online without any password protection, belonged to Conor, which has
vpnMentor researchers discovered an unsecured server belonging to the Chinese e-store LightInTheBox.com containing 1.3TB of web server logs. Infosec researchers have uncovered an unsecured Elasticsearch database containing 1.3TB of web server log entries held by Chinese e-commerce website LightInTheBox.com. LightInTheBox
Security researchers from Trend Micro observed a new malware activity targeting devices running the Linux platform, the malware samples found to be connected with Momentum Botnet. The malware campaign targets to install a backdoor on the Linux platform that accepts
One in 172 RSA Keys Vulnerable to Attack: Report
The security of RSA certificates has come under scrutiny after researchers revealed that they were able to break nearly a quarter of a million currently active keys. Security vendor Keyfactor announced its findings in a paper published at the First
Apax Funds to Acquire Coalfire
Funds advised by global private equity advisors Apax Partners are to acquire cybersecurity assessment and consulting services provider Coalfire. The long-established cybersecurity firm, which has 730 employees operating from 11 locations in the United States and the United Kingdom, is
New Krampus-3PC Malware Attacks iPhone Users to Steal Cookies and Redirects to Malicious Websites
A new malware campaign dubbed Krampus-3PC targets iPhone users has impacted more than 100 UK news publisher and magazine websites. The users who visited those infected publication websites are redirected to fake grocery ads page. The malware campaigns mount up
The office of Pennsylvania attorney general Josh Shapiro has reached a settlement with travel websites Orbitz and Expedia following an investigation into a 2018 data breach. The cybersecurity incident, disclosed by Orbitz in March 2018, may have exposed the personal