Archive
A group of security researchers has found thousands of Android apps containing hidden backdoors and blacklists. Researchers from The Ohio State University, New York University, and CISPA Helmholtz Center for Information Security analyzed thousands of mobile applications for Android and
An APT group is exploiting the flaws patched earlier this year in Firefox and Internet Explorer in attacks aimed at China and Japan. An APT group is exploiting two vulnerabilities patched earlier this year in Firefox and Internet Explorer in
Researchers spotted a new Coronavirus-themed attack, the messages pretend to be sent from the World Health Organization to deliver Lokibot infostealer. Security experts at FortiGuard Labs discovered a new Coronavirus-themed campaign using alleged messages from the World Health Organization (WHO)
Microsoft declared that an Emotet attack took down an organization’s network by overheating all the computers and bringing its Internet access down. Microsoft shared details of the Emotet attack suffered by an organization named Fabrikam in the Microsoft’s Detection and
iOS/macOS Webcam Can be Hacked With A Single Click On Malformed Link – Hacker Rewarded $75,000
By just making the users visiting a link, an attacker can hack the users’ iOS/macOS Camera using zero-day bugs in Safari. With iOS and macOS camera security model every app needs to assigned permission manually but Apple’s own app such
Bad news for Apple iPhone or MacBook users, attackers could hack their device’s camera by tricking them into visiting a website. The ethical hacker Ryan Pickren demonstrated that it is possible to hack Apple iPhone or MacBook users by simply tricking
Threat Group Lures Victims with Teddy Bears
A threat group is using gift cards, sweet-faced teddy bears, and the United States Postal Service to carry out a new physical phishing campaign. The deceptive ruse has been identified as the work of FIN7, otherwise known as the Navigator
RiskIQ researchers spotted a new ongoing Magecart campaign that already compromised at least 19 different e-commerce websites. Researchers from security firm RiskIQ have uncovered a new ongoing Magecart campaign that already compromised at least 19 different e-commerce websites to steal
Zoom has announced a freeze on new features as it grapples with emerging security and privacy issues, including three new security bugs revealed this week. The video conferencing app has been catapulted into the mainstream after widespread COVID-19 government lockdowns
A group of civil society organizations has called for restraint after warning that governments around the world are rolling out invasive surveillance programs on a massive scale to track and manage the spread of COVID-19. A statement signed by 100
The Internal Revenue Service (IRS) is warning taxpayers of a new wave of phishing calls and messages designed to trick victims into handing over financial details by capitalizing on the COVID-19 pandemic. A large number of these scams attempt to
APT Hackers Attack Indian Financial Institutions To Exfiltrate the Sensitive Data With Crimson RAT
Researchers uncovered a new wave of an APT campaign that target the Indian financial institutions with the powerful Crimson RAT to compromise the network devices and exfiltrate the sensitive data. Crimson RAT was initially observed in 2016 that targeted the
Kali NetHunter mid-term updates released that highlights the various development features implemented on the selected devices. The new update brings support for various features that improve the support and the compatibility of the Kali NetHunter. Monitor support for Qualcomm wifi
New MakeFrame Skimmer Claims 19 Victims
At least 19 websites have fallen victim to a new data skimmer that appears to have been developed by threat group Magecart Group 7. Dubbed ‘MakeFrame’ by researchers at RiskIQ, the new data skimmer has been spotted out in the
Key Ring App Data Leak Exposes 44 Million Images
A digital wallet app with millions of users has become the latest organization to be caught storing customer data in unsecured Amazon Web Services (AWS) S3 buckets. Researchers at vpnMentor discovered five misconfigured buckets containing the personal data of 14
London Hit by Quarantine Text Scam
Scammers are targeting Londoners with fake fine notification texts that accuse victims of flouting the country’s lockdown rules. The malicious text has been designed to look like a genuine COVID-19 alert sent by the UK government. Victims who receive the