Posts From CCME
Researchers have raised serious privacy concerns over the use of medical apps in the Google Play store after noting that the majority share user data with third parties. Published in The BMJ this week, the study led by University of
The financially-motivated hacking group FIN7 is back and used a new piece of malware in a recent hacking campaign. Security experts at Flashpoint revealed that the financially-motivated cybercrime group FIN7 (aka Anunak and Carbanak) used new malware in a recent
UK E-commerce Fraud Soars 27% in 2018
UK e-commerce fraud hit nearly GBP400m in 2018, accounting for the vast majority (78%) of all card not present (CNP) fraud and fueled by an ongoing epidemic in data breaches and social engineering, according to UK Finance. The banking industry
Cisco released security updates to address vulnerabilities in its IP Phone 7800 and 8800 series that could be exploited by remote, unauthenticated attackers. Cisco released security patches to address vulnerabilities in its IP Phone 7800 and 8800 series that could
A vulnerability exists with the web version of Google photos allows malicious websites to extract the photos metadata information. Google photos will tag your photos automatically based on the metadata information such as geographic coordinates, date, etc. The Photo metadata
Android Q – Beta Released with High Level Privacy and Security Features With TLS 1.3 Support
Google released a new Beta version of Android Q that brings a number of additional privacy and security features for Android users. Since Android reached a billion users, Google has a great responsibility to ensure the user’s privacy and security
A group of academics, government experts, charities and others has come together to help UK boards better assess cyber risk. The Cyber Readiness for Boards initiative is being funded by the National Cyber Security Centre (NCSC) and charity the Lloyd’s
State-sponsored Russian hackers are targeting NATO members and European governments ahead of the upcoming European Parliament elections, according to new FireEye intelligence. The security vendor claimed to have detected spear-phishing activity from the prolific Kremlin-linked APT28 and Sandworm Team groups.
UK Police Federation Hit by Ransomware
The UK’s Police Federation of England and Whales (PFEW) was the victim of a malware attack, according to two different tweets posted by the National Cyber Security Center (NCSC) UK and the PFEW. According to the Police Federation, the attack
How to Perform Manual SQL Injection While Pentesting With Single quote Error Based Parenthesis Method
If you are trying to hack the databases with methods like single quotes error based injection, Integer based injection or double quotes method but the databases are not vulnerable to those methods injection will fail and you cannot connect with
Security experts at riskIQ revealed today that another two organizations were victims of Magecart crime gang, the bedding retailers MyPillow and Amerisleep. Security experts at RiskIQ announced that the two bedding retailers MyPillow and Amerisleep were victims of the Magecart
Extensive Ransomware Attack Hits Worldwide Operation at Aluminum Manufacturing Gaint Norsk Hydro
Extensive Ransomware Attack forced to shut down operations at, Norsk Hydro, one of the world’s largest aluminum producers. The company suffered production outages across Europe and the U.S. The cyberattack shut down operations in the number of metal extrusion and
APT-C-27 Hackers Launching njRAT Backdoor via Weaponized Word Documents to Control the Compromised Device
Goldmouse APT group (APT-C-27) now start exploiting the WinRAR vulnerability (CVE-2018-20250[6]) to hide the njRAT backdoor and targeting users reside in the Middle East via decoy Word document to compromise and control the device. The 19-year-old vulnerability was disclosed by
BEC Gift Card Scams Go Mobile
Cyber-criminals are evolving their tactics with Business Email Compromise (BEC) attacks by transferring victims from email over to mobile communications channels early on in a scam, according to Agari. Researcher James Linton described how such an attack typically takes place,
Security experts at Check Point uncovered a sophisticated malware campaign spreading the SimBad malicious code through the official Google Play Store. Researchers at Check Point have uncovered a sophisticated malware campaign spreading the SimBad agent through the official Google Play
Attacks Target AmEx, NetFlix Users with Phishing
Windows Defender Security Intel has reported two major phishing attacks targeting American Express and NetFlix. The Office 365 research teams discovered the attacks, which reportedly emerged over the weekend, hitting unsuspecting customers with well-crafted phishing campaigns that attempt to steal