Android “System Update” malware steals photos, videos, GPS location
A newly discovered piece of Android malware shares the same capabilities found within many modern stalkerware-type apps—it can swipe images...
Relax. Internet password books are OK
Passwords are a hot topic on social media at the moment, due to the re-emergence of a discussion about good...
WordPress Websites Infected with Malware Via Fake jQuery Files
Cybersecurity experts discovered fake variants of the jQuery Migrate plugin inserted in various sites that had unclear codes to launch...
Medical Professionals of U.S. and Israel Targeted in a ‘BadBlood’ Phishing Campaign
Email security firm, Proofpoint has exposed a hacking group linked with the Iranian government targeting nearly two-dozen medical researchers in...
Cyberextortion Threat Evolves as Clop Ransomware Attacked 6 U.S Universities Data Security
Malicious actors are now using novel ways to extract universities' data, and are threatening to share stolen data on dark...
Shell’s Employees’ Visas Dumped Online as part of Extortion Attempt
Royal Dutch Shell became the latest corporation to witness an attack by the Clop ransomware group. The compromised servers were...
US Based, Ubiquiti Inc. covers up a Catastrophic Data Breach, Claims a Whistle-blower
Ubiquiti Inc., a major provider of cloud-enabled Internet of Things (IoT) equipment such as routers, network video recorders, and surveillance...
SharpDPAPI – A C# Port Of Some Mimikatz DPAPI Functionality
SharpDPAPI is a C# port of some DPAPI functionality from @gentilkiwi's Mimikatz project.I did not come up with this logic,...
Seatbelt – A C# Project That Performs A Number Of Security Oriented Host-Survey “Safety Checks” Relevant From Both Offensive And Defensive Security Perspectives
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and...
DeepDotWeb admin pleads guilty to money laundering conspiracy
One of the administrators for the DeepDotWeb dark web portal pleads guilty to receiving kickbacks from the operators of the...
VMware fixed flaws in vROps that can be chained to compromise organizations
VMware addressed two vulnerabilities in its vRealize Operations (vROps) product that can expose organizations to a significant risk of attacks...
Akamai dealt with an 800Gbps ransom DDoS against a gambling company
Akamai has recently involved in the mitigation of two of the largest known ransom DDoS attacks, one of them peaked...
Ubiquiti security breach may be a catastrophe
The data breach disclosed by Ubiquiti in January could be just the tip of the iceberg, a deeper incident could...
US CISA warns of DoS flaws in Citrix Hypervisor
Citrix addressed vulnerabilities in Hypervisor that could be exploited by threat actors to execute code in a virtual machine to...
North Korea-linked hackers target security experts again
Researchers from Google’s Threat Analysis Group (TAG) reported that North Korea-linked hackers are targeting security researchers via social media. The...
CVE-2020-19641
Summary: An issue was discovered in INSMA Wifi Mini Spy 1080P HD Security IP Camera 1.9.7 B. Authenticated attackers with...
CVE-2021-28669
Summary: Xerox AltaLink B80xx before 103.008.020.23120, C8030/C8035 before 103.001.020.23120, C8045/C8055 before 103.002.020.23120 and C8070 before 103.003.020.23120 provide the ability to...
CVE-2021-21727
Summary: A ZTE product has a DoS vulnerability. A remote attacker can amplify traffic by sending carefully constructed IPv6 packets...
CVE-2021-25349
Summary: Using unsafe PendingIntent in Slow Motion Editor prior to version 3.5.18.5 allows local attackers unauthorized action without permission via...
CVE-2021-25353
Summary: Using empty PendingIntent in Galaxy Themes prior to version 5.2.00.1215 allows local attackers to read/write private file directories of...
The npm netmask vulnerability explained so you can actually understand it
The popular npm netmask library recently encountered a serious problem, explained as follows: The npm netmask package incorrectly evaluates individual...
IRS Warned of an Ongoing IRS-Impersonation Scam
The Internal Revenue Service (IRS) has cautioned of ongoing phishing assaults impersonating the IRS and targeting educational establishments. The assaults...
Here’s How to Safeguard Against Mobikwik Data Breach
Cybersecurity researchers claimed that the KYC data of as many as 11 crores Mobikwik users had been leaked and put...
Data Leak of 10cr Users: ‘The Largest KYC Data Leak in History’
According to cybersecurity researcher Rajshekahar Rajaharia, mobile payment app Mobikwik came under attack after the data of 10 crores of...
