Microsoft has kicked off the new decade with fixes for half a century of vulnerabilities, including one discovered by the NSA that could allow hackers to spoof digital certificates to bypass security measures. This month’s Patch Tuesday focused around the

An app designed to record and share milestones in a child’s development has leaked thousands of images and videos of babies online. Bithouse Inc., the developer of the Peekaboo Moments app, failed to secure a 100 GB Elasticsearch database containing

Four months after fleeceware’s initial exposure, Android users who purchase “subscriptions” to apps from the Google Play Store are still at risk of being ripped off. Fleeceware hit the news in September 2019, when researchers at SophosLabs showed how some

Researchers discovered a new type of strange malware that targeting android device, and use the victim’s mobiles to provide fake ratings in Google play store apps for malicious apps. You may have seen reviews in Google Play apps that seem

CISA has released a new tool for administrators and users to check for Citrix Application Delivery Controller (ADC) and Citrix Gateway vulnerability. The vulnerability can be tracked as CVE-2019-19781, it allows an unauthenticated remote attacker to execute arbitrary code on

A Texas school district has found out the hard way that phishing attacks remain a serious financial threat to organizations of all shapes and sizes, losing an estimated $2.3m in a recent scam. Manor Independent School District took to Twitter

A website set-up to accept donations for victims of the devastating Australian bushfires has become a victim itself — of digital skimming code designed to harvest card details. Security researchers at Malwarebytes took to Twitter to reveal the problems that

A threat hunting team can be better enabled when given the time and interest to focus on what it wants. Speaking at the SANS Institute Threat Hunting and IR Europe conference in London, David Bianco, principal engineer, cybersecurity and Cat

The verdant city of Seattle is to host a new three-day event dedicated to cybersecurity and the cloud. CSA SECtember will feature in-depth training sessions, networking opportunities, and the chance to interact with a score of global experts. The event

The United States Transport Security Administration (TSA) has publicly announced that it’s on a “quest to merge cybersecurity and information technology.” Instead of cybersecurity’s being an add-on or afterthought, the TSA wants the industry to adopt a culture of “cybersecurity

Speaking at the SANS Institute Threat Hunting and IR Europe conference in London, Tom Hall, principal consultant for incident response and Mitch Clarke, incident response consultant UK&I, at Mandiant, talked about lessons learned from the APT41 detection last summer, and

IT administrators are being urged to put in place mitigations for a serious Citrix vulnerability which the vendor says won’t be patched until next week at the earliest, after proof-of-concept (PoC) exploits were published. The tech giant revealed the CVE-2019-19781

The Maze ransomware gang has released 14GB of files that they claim were stolen from one of its victims, the Southwire cable manufacturer. The victims of the Maze Ransomware are facing another risk, after having their data encrypted now crooks

Security researchers from Malwarebytes found pre-installed malware on UMX U683CL handsets. The phones are made under the Lifeline program to low-income consumers for Affordable Communications. Multiple users reported to Malwarebytes that HiddenAds suddenly get installed on their UMX mobile phone,

There are different OS for Hacking and Penetration Testing with Linux distro is dedicatedly developed for Security Researchers or Ethical Hackers to perform various operations in security industries with a variety of hacking tools that prebuilt with OS. Linux is

Security researchers are warning of a new critical vulnerability affecting multiple cable modem manufacturers that use Broadcom chips — exposing hundreds of millions of users to remote attacks. Discovered by three researchers from security consultancy Lyrebirds and an independent, the