Android “System Update” malware steals photos, videos, GPS location
A newly discovered piece of Android malware shares the same capabilities found within many modern stalkerware-type apps—it can swipe images...
News
Relax. Internet password books are OK
Passwords are a hot topic on social media at the moment, due to the re-emergence of a discussion about good...
WordPress Websites Infected with Malware Via Fake jQuery Files
Cybersecurity experts discovered fake variants of the jQuery Migrate plugin inserted in various sites that had unclear codes to launch...
Medical Professionals of U.S. and Israel Targeted in a ‘BadBlood’ Phishing Campaign
Email security firm, Proofpoint has exposed a hacking group linked with the Iranian government targeting nearly two-dozen medical researchers in...
Cyberextortion Threat Evolves as Clop Ransomware Attacked 6 U.S Universities Data Security
Malicious actors are now using novel ways to extract universities' data, and are threatening to share stolen data on dark...
Shell’s Employees’ Visas Dumped Online as part of Extortion Attempt
Royal Dutch Shell became the latest corporation to witness an attack by the Clop ransomware group. The compromised servers were...
US Based, Ubiquiti Inc. covers up a Catastrophic Data Breach, Claims a Whistle-blower
Ubiquiti Inc., a major provider of cloud-enabled Internet of Things (IoT) equipment such as routers, network video recorders, and surveillance...
DeepDotWeb admin pleads guilty to money laundering conspiracy
One of the administrators for the DeepDotWeb dark web portal pleads guilty to receiving kickbacks from the operators of the...
VMware fixed flaws in vROps that can be chained to compromise organizations
VMware addressed two vulnerabilities in its vRealize Operations (vROps) product that can expose organizations to a significant risk of attacks...
Akamai dealt with an 800Gbps ransom DDoS against a gambling company
Akamai has recently involved in the mitigation of two of the largest known ransom DDoS attacks, one of them peaked...
Ubiquiti security breach may be a catastrophe
The data breach disclosed by Ubiquiti in January could be just the tip of the iceberg, a deeper incident could...
US CISA warns of DoS flaws in Citrix Hypervisor
Citrix addressed vulnerabilities in Hypervisor that could be exploited by threat actors to execute code in a virtual machine to...
North Korea-linked hackers target security experts again
Researchers from Google’s Threat Analysis Group (TAG) reported that North Korea-linked hackers are targeting security researchers via social media. The...
The npm netmask vulnerability explained so you can actually understand it
The popular npm netmask library recently encountered a serious problem, explained as follows: The npm netmask package incorrectly evaluates individual...
IRS Warned of an Ongoing IRS-Impersonation Scam
The Internal Revenue Service (IRS) has cautioned of ongoing phishing assaults impersonating the IRS and targeting educational establishments. The assaults...
Here’s How to Safeguard Against Mobikwik Data Breach
Cybersecurity researchers claimed that the KYC data of as many as 11 crores Mobikwik users had been leaked and put...
Data Leak of 10cr Users: ‘The Largest KYC Data Leak in History’
According to cybersecurity researcher Rajshekahar Rajaharia, mobile payment app Mobikwik came under attack after the data of 10 crores of...
Financial Cyberthreats in 2020
2020 was challenging for everyone: companies, regulators, individuals. Due to the limitations imposed by the epidemiological situation, particular categories of...
5-star customer service: fraudsters launch massive campaign against Indonesia’s major banks on Twitter
Experts warn that cybercriminals are targeting Indonesia’s major banks posing as bank representatives or customer support team members on Twitter....
Chinese experts earned $20,000 for reporting a Chrome Sandbox Escape
Researchers have reported to Google a sandbox escape vulnerability in the Chrome web browser to Google that awarded them $20,000....
Email accounts of DHS members were compromised in the SolarWinds hack
Russian hackers accessed the email accounts of US Department of Homeland Security (DHS) officials as a result of the SolarWinds...
IETF deprecates TLS 1.0 and TLS 1.1, update to latest versions
IETF has formally deprecated the TLS 1.0 and TLS 1.1 cryptographic protocols because they lack support for recommended cryptographic algorithms...
VMware addresses SSRF flaw in vRealize Operations that allows stealing admin credentials
VMware addressed a high severity vulnerability in vRealize Operations that could allow stealing admin credentials from vulnerable servers. VMware has published...
PYSA, the ransomware attacking schools
The education sector’s cybersecurity problem has compounded in the last few months. A recent warning from the FBI, in mid-March,...
