Posts From Mo Moin

A new wave of attacks is targeting unsecured MongoDB database servers and wiping their content attempting to extort a ransom to the victims. The popular security expert Victor Gevers from the non-profit GDI Foundation reported a new wave of attacks

Nearly 100,000 customers have had their sensitive personal data and revealing photos exposed online after a US-based fitness company misconfigured an Amazon database. Las Vegas-headquartered V Shred left the S3 bucket containing over 1.3 million individual files publicly accessible, according

A mysterious uninstaller has been discovered in malware-laden tax software required for download by firms doing business in China, according to Trustwave. The security vendor explained last week how it discovered a backdoor it named GoldenSpy inside Intelligent Tax software,

Third-party apps on social media continue to misuse the data shared by users, researchers from the University of Iowa proposed a paper dubbed CanaryTrap details Data Misuse by Third-Party Apps on Online Social Networks. CanaryTrap aimed to misuse of data

Security researchers have discovered five dating apps in the US and East Asia which are leaking millions of customer records thanks to misconfigured cloud databases. A team from WizCase led by Avishai Efrat explained that the Elasticsearch servers, MongoDB databases

Sodinokibi ransomware (aka REvil) operators are demanding a $14 million ransom from Brazilian-based electrical energy company Light S.A. Sodinokibi ransomware (aka REvil) operators have breached the Brazilian-based electrical energy company Light S.A. and are demanding a $14 million ransom. The

Researchers have discovered a gaping hole in popular remote access system Apache Guacamole that puts thousands of companies with remote employees at risk. The flaw could allow attackers to control the software and the computers that connect to it. Luckily,

Schools and colleges in the US have leaked 24.5 million records since 2005, according to new research by technology website Comparitech. K-12 school districts across the country have suffered 1,327 breaches in the last 15 years–with last year’s count setting

Security researchers discovered multiple critical reverse RDP vulnerabilities in the remote desktop application Apache Guacamole. Security experts from Check Point Research have discovered multiple critical reverse RDP vulnerabilities in the Apache Guacamole, which is a clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and

Almost everyone at home now has a Wi-Fi router. People would probably ask you forthe network’s password to check their smartphone or show you vacation pictures stored in the cloud. Many will learn your wireless password soon so people will

Two critical security vulnerabilities found with Apache’s popular open-source remote desktop gateway Apache Guacamole. It supports all standard protocols like VNC, RDP, and SSH. The tool also comes with support for MFA (Multi-Factor Authentication), compliance with BYOD, and other security

Researchers at Cyble reported that Maze Ransomware Operators allegedly breached National Highways Authority Of India (NHAI). As part of regular darkweb monitoring, researchers from threat intelligence firm has spotted the data leak of National Highways Authority of India (NHAI). The Maze ransomware operators

The forms of malware most frequently investigated by security analysts are not actually the most widespread ones used by cyber-attackers, according to a new study by Kaspersky. It revealed that whilst Backdoors (24%) and Droppers (23%) are amongst the top

Security researchers are warning of new Mac ransomware spread via pirated software on torrent and similar sites. Malwarebytes director of Mac and mobile, Thomas Reed, explained that the EvilQuest malware is now dubbed “OSX.ThiefQuest” to avoid confusion with a 2012

A scam cryptocurrency trading platform has been wound up by the courts after stealing GBP1.5m in clients’ funds. Gpay Limited was incorporated on 30 August 2017, and later traded as Cryptopoint and XtraderFX, according to a statement from government agency

Facebook has discovered another back-end privacy issue which meant that thousands of apps continued to receive users’ personal information even after access should have automatically expired. The social network’s vice-president of platform partnerships, Konstantinos Papamiltiadis, explained in a blog post