PayPal addresses reflected XSS bug in user wallet currency converter
PayPal has addressed a reflected cross-site scripting (XSS) vulnerability that affected the currency converter feature of user wallets. PayPal has...
News
Security Affairs newsletter Round 301
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
FBI’s alert warns about using Windows 7 and TeamViewer
The FBI is warning companies about the use of out-of-date Windows 7 systems, desktop sharing software TeamViewer, and weak account...
Court documents show FBI could use a tool to access private Signal messages on iPhones
Court documents obtained by Forbes revealed that the FBI may have a tool that allows accessing private Signal messages on iPhones. Court...
Sift Exposes New Telegram Fraud Scheme to Exploit Restaurants and Food Delivery Apps
As the popularity of food delivery apps is increasing with each passing day so is the revenue, as a consequence, these apps...
NIST NVD Report Shows Increase in Low-Complexity CVEs
Common vulnerabilities and exposures, or CVEs, are seemingly increasing at a faster rate as a proportion of the overall number...
Ukraine’s PrivatBank Database for Sale on a Hacking Forum
PrivatBank is the biggest commercial bank in Ukraine, as far as the number of customers, assets value, loan portfolio, and...
The Importance of a Proactive Cyber Defense Solution To Protect Your Critical Data
Personal and Corporate data is now regularly targeted and traded by unscrupulous actors, protect it with a proactive Cyber Defense...
Gmail users from US most targeted by email-based phishing and malware
Google revealed that Gmail users from the United States are the most targeted by email-based phishing and malware. A joint...
Yandex security team caught admin selling access to users’ inboxes
Russian internet and search company Yandex discloses a data breach, a system administrator was selling access to thousands of user...
Microsoft: web shell attacks have doubled over the past year
Microsoft’s Detection and Response and 365 Defender teams are sounding the alarm that the number of observed attacks using web...
Who is to blame for the malicious Barcode Scanner that got on the Google Play store?
In our last blog, Barcode Scanner app on Google Play infects 10 million users with one update, we wrote about...
Malvertising campaign on PornHub and other top adult brands exposes users to tech support scams
Threat actors involved in tech support scams have been running a browser locker campaign from November 2020 until February 2021...
Nude photo theft offers lessons in selfie security
Two former college graduates are in a lot of trouble after breaking into other students’ accounts and stealing sensitive personal...
CEO of Koo App Denies the Allegations of Data Breach by French Hacker
Koo, a home-grown microblogging platform has come under the scanner after a French ethical hacker known by the moniker Elliot...
RiskSense Report Affirms Surge in Vulnerabilities Associated with Ransomware
In recent years, the threat from Ransomware has grown enormously. The ransomware attacks have started to threaten more web applications,...
TIM’s Red Team Research (RTR) discovered a critical zero-day vulnerability in IBM InfoSphere Information Server
Researchers at TIM’s Red Team Research discovered a zero-day vulnerability in IBM InfoSphere Information Server. Today, TIM’s Red Team Research...
Microsoft warns of the rise of web shell attacks
Researchers from Microsoft are warning that the number of monthly web shell attacks has doubled since last year. Microsoft reported...
The “P” in Telegram stands for Privacy
Security expert Dhiraj Mishra analyzed the popular instant messaging app Telegram and identified some failures in terms of handling the...
Lampion trojan disseminated in Portugal using COVID-19 template
The fresh release of the Latin American Lampion trojan was updated with a new C2 address. Lampion trojan disseminated in...
Avaddon ransomware decryptor released, but operators quickly reacted
An expert released a free decryption tool for the Avaddon ransomware, but operators quickly updated malware code to make it...
Experts spotted two Android spyware used by Indian APT Confucius
Lookout researchers provided details about two Android spyware families employed by an APT group tracked as Confucius. Researchers at mobile...
Researcher’s audacious hack demonstrates new type of supply-chain attack
Often the most brilliant ideas are the most simple. The hard part is being the first one to come up...
Researchers Spotted Two Android Spyware Linked to Confucius
Researchers at cybersecurity firm Lookout have published information on two recently discovered Android spyware families utilized by an advanced persistent...
