Attackers Store Malware in Hidden Directories of Compromised HTTPS Sites Security experts at Zscaler discovered that threat actors are using hidden “well-known” directories of HTTPS sites to store and deliver malicious payloads. Crooks are utilizing hidden “well-known” directories of HTTPS

The OceanLotus APT group, also known as APT32 or Cobalt Kitty, leverages a steganography-based loader to deliver backdoors on compromised systems. Security researchers at Cylance discovered that the OceanLotus APT (also known as APT32 or Cobalt Kitty, group is using

The huge trove of Facebook user data was amassed and stored online on unprotected cloud servers by third-party Facebook app developers. Definitively I can tell you that this is an awful period for Facebook and its users. We first read

Half of cyber-attacks today use so-called “island hopping” techniques to infect a supply chain partner en route to a higher value target, according to a new report from Carbon Black. The security vendor’s Quarterly Incident Response Threat Report features qualitative

Security expert discovered thousands of unsafe Kibana instances that are exposed online, the news was first reported by colleagues at THN. Kibana is an open source data visualization plugin for Elasticsearch. It provides visualization capabilities on top of the content

Another ransomware attack made the headlines, this time the victim is the City of Albany, its computer systems were infected with the malware. Computer systems in the City of Albany, New York, were infected with ransomware over the weekend that

A change made months ago in an open-source JavaScript library introduced a cross-site scripting (XSS) vulnerability in Google Search. The Japanese security researcher Masato Kinugawa discovered an XSS vulnerability in Google Search that was introduced with a change made months

A trove of personal data linked to over 12.5 million women was leaked online by the Indian government, after yet another MongoDB misconfiguration, according to researchers. Bob Diachenko of Security Discovery, claimed to have made the find on March 7

Thales has completed the acquisition of Gemalto for a deal worth EUR4.8 billion. The addition of Gemalto will see Thales develop secure solutions to address the major challenges such as unmanned air traffic management, data and network cybersecurity, airport security

CMS based sites such as WordPress and Joomla are the popular targets for cybercriminals, they hijack those sites and inject malicious contents. ThreatLabZ researchers detected a campaign that targets WordPress and Joomla sites to distribute Shade/Troldesh ransomware, backdoors, redirectors, and

VMware released security updates to address vulnerabilities in its vCloud Director, ESXi, Workstation and Fusion products. The company also fixed the security flaws disclosed at the Pwn2Own 2019 hacking competition. VMware released updates to address vulnerabilities in vCloud Director, ESXi,

Earl Enterprises, the parent company of Planet Hollywood and other US restaurant chains, has admitted suffering a 10-month breach of customer payment card data. The firm said in a notice on Friday that hackers installed POS malware at a number

Mark Zuckerberg has called on governments and regulators to come up with new rules for the internet in four key areas of policy. The Facebook founder and supremo said in a Washington Post op-ed over the weekend that he wants

In accordance with its “coordinated inauthentic behavior” or spam policy, Facebook announced that it removed 687 pages and accounts in India that were linked to actors associated with an IT cell of the Indian National Congress (INC). Removing the accounts