Facebook-owned WhatsApp has fixed six previously undisclosed vulnerabilities in its chat platform, revealing the move on a new dedicated security advisory site aimed at informing its more than 2 million users about bugs and keeping them updated on app security. The...
Google has recently released the stable version of Chrome 85 with numerous updates and a serious bug fix. Exploiting this bug could allow remote code execution. Code Execution Bug Fixed With Chrome 85 Reportedly, security researcher Marcin Towalski of Cisco Talos...
The United States Cybersecurity and Infrastructure Security Agency (CISA) has published a new report warning companies about a new in-the-wild malware that North Korean hackers are reportedly using to spy on key employees at government contracting companies. Dubbed...
TrickBot, a multi-purpose Windows malware, has evolved as one of the reliable backdoor for several other payloads. recently, a researcher found that TrickBot’s Anchor malware is now present with a new Linux version. TrickBot Anchor_Linux malware Named as Anchor_Linux,...
A zero-day vulnerability has been discovered in Zoom video conferencing software for Windows that could allow an attacker to execute arbitrary code on a victim’s computer running Microsoft Windows 7 or older. To successfully exploit the zoom vulnerability, all...
Researchers caught a bunch of dubious apps preying on Android users. This time, malicious Android apps stole Facebook credentials. The apps potentially affected millions of users. They found numerous apps on Google Play Store that targeted Android users with malware....
Researchers caught a bunch of dubious apps preying on Android users. This time, malicious Android apps stole Facebook credentials. The apps potentially affected millions of users. Researchers from a French cybersecurity firm Evina found numerous apps on Google Play...
Twitter has made it to the news due to a cyber security incident. This time, Twitter has apologized to its business users due to a personal data breach. Twitter has admitted a data breach involving personal information of some of its business clients. The incident...
Google recently removed 106 more extensions from its Chrome Web Store after they were found illegally collecting sensitive user data as part of a “massive global surveillance campaign” targeting oil and gas, finance, and healthcare sectors. However,...
38 different Android apps committing ad fraud. These apps included beauty camera and photo editing applications as well. In all, the apps boasted a whopping 20 million downloads altogether. Describing the types of frauds committed by the apps, there are three...
Microsoft released patches for 129 CVEs covering Microsoft Windows, Internet Explorer (IE), Microsoft Edge (EdgeHTML-based and Chromium-based in IE Mode), ChakraCore, Office and Microsoft Office Services and Web Apps, Windows Defender, Microsoft Dynamics, Visual...
Zoom Security Flaws Allowed Systems Hijacking Security researchers have caught a couple of security flaws in Zoom that allowed systems hijacking. As stated in their advisory, both of these were path traversal vulnerabilities that allowed an adversary to hack users’...
The security of the open-source supply chain is about the integrity of the entire software development and delivery ecosystem. A self-spreading and OSS supply chain malware was found abusing Github repositories. What has happened On March 9, 2020, GitHub’s Security...
Academics disclosed a security vulnerability in Bluetooth that could potentially allow an attacker to spoof a remotely paired device, exposing over a billion of modern devices to hackers. The attacks, dubbed Bluetooth Impersonation AttackS or BIAS, concern Bluetooth...
ESET researcher Lukas Stefanko revealed details about an Android app that targeted the ESET website with DDoS attacks. Briefly, the app dubbed as “Updates for Android” appeared on the Play Store as a news update app. It linked back to the website i-updater[.]com that...
Fraudsters are attempting to sell fake vaccines allegedly manufactured using the blood of patients who have recovered from COVID-19. The nonsense vaccines were among a crock of utter dog wings spotted for sale on the dark web by researchers from the Australian...
While the ongoing COVID-19 pandemic is already quite dreary, what makes it even worse is the dissemination of fake news. People have flooded Facebook and Twitter with treatments, remedies, news, and stats regarding COVID-19 without checking their authenticity....
A flaw in Apple’s mobile operating system may have left millions of iPhone and iPad users vulnerable to hackers. A mobile security firm, said a bug in the Mail app made devices susceptible to sophisticated attacks. The firm said it had “high...
NordVPN claimed that the usage of their services increased by 165% globally. Adversaries fake apps’ reviews to rank their apps so that they can get maximum downloads. It is indeed true that the world will not be the same place post-pandemic. A novel virus that has...
Google have recently removed a shady Android VPN App from the Play Store. Identified as SuperVPN Free VPN Client, this app boasted 100 million installs and had vulnerabilities allowing for MiTM attacks. SuperVPN Free VPN Client Bugs A couple of months ago, researchers...
Twitter has recently disclosed a vulnerability that indirectly affected users’ privacy. As disclosed, this Twitter bug allowed a browser to store cached files, including the private ones. Twitter Bug Left Cached Files Stored Twitter has disclosed a bug impacting some...
While Apple has built a credible stance regarding users’ privacy, a bug has recently made shown otherwise. As discovered, an unpatched vulnerability existed in recent iOS versions that stopped VPNs from entire traffic encryption. Hence, it triggered the possibilities...
Security experts have reported two such sites where this software could be found. It comes with bot management features including restarting and shutting down an infected device, updating bot client, and more. Researchers have discovered sites that are exploiting the...
There was a big threat to shared private data, channels, and conversation leak from the Slack platform. Slack addressed a critical flaw within 24 hours from its disclosure. A bug bounty hunter discovered a critical vulnerability in Slack, the popular team...
All Intel processors released in the past 5 years contain an unpatchable vulnerability that could allow hackers to compromise almost every hardware-enabled security technology that are otherwise designed to shield sensitive data of users even when a system gets...
Speaking at the RSA Conference in San Francisco, cybersecurity experts Aaron Turner and Georgia Weidman discussed two-factor authentication and biometrics as means to securing one’s phone. Although they concur that the two-factor authentication is the way to go, there...
Google has prohibited nearly 600 Android apps from the Play Store for bombarding users with disruptive ads and violating its advertising guidelines. The company categorizes disruptive ads as “ads that are displayed to users in unexpected ways, including impairing or...
Google removed 500 malicious Chrome extensions from its Web Store after they found to inject malicious ads and siphon off user browsing data to servers under the control of attackers. These extensions were part of a malvertising and ad-fraud campaign that’s been...
Last year, Facebook’s Messenger Kids made it to the news due to serious security issues. This year, Messenger Kids is under the limelight, however, for a positive change. Facebook has recently announced changes in the Messenger Kids app features that empower parents...
A cybersecurity researcher today disclosed technical details of multiple high severity vulnerabilities he discovered in WhatsApp, which, if exploited, could have allowed remote attackers to compromise the security of billions of users in different ways. When combined...
The startup that helped Instagram users gain popularity have unintentionally ditched their security, the service Social Captain inadvertently exposed users’ Instagram account passwords. Social Captain Bugs Exposed Data Recently, TechCrunch revealed details of a...
The hacking campaign makes use of previously known vulnerabilities in WordPress plugins. Some of the vulnerable plugins exploited include the ‘CP Contact Form with PayPal’ and the ‘Simple Fields’. More than 2000 WordPress sites have been hacked by cybercriminals for a...
Researchers have found numerous popular Android camera apps stealing users’ data and spying on them. Android Camera Apps Caught Spying These apps also include some popular beauty-filter applications with a large number of downloads as well. these apps that apparently...
If you have ever contacted Microsoft for support in the past 14 years, your technical query, along with some personally identifiable information might have been compromised. Microsoft today admitted a security incident that exposed nearly 250 million “Customer...
Amidst all the new malware that emerge every day, some old viruses also reappear after being revamped. One such example is the revamped Faketoken Android banking Trojan which now also hijacks devices to send SMS messages to premium foreign numbers. Faketoken Android...
Internet Explorer is dead, but not the mess it left behind. Microsoft earlier today issued an emergency security advisory warning millions of Windows users of a new zero-day vulnerability in Internet Explorer (IE) browser that attackers are actively exploiting in the...
PayPal has confirmed a bug in its website that could expose users’ email addresses and passwords. Considering the seriousness of the vulnerability, PayPal even awarded a $15K bounty to the researcher for reporting the flaw. PayPal Bug Exposing Credentials Researcher...
Are you using Firefox as your web browsing software on your Windows, Linux, or Mac systems? If yes, you should immediately update your free and open-source Firefox web browser to the latest version available on Mozilla’s website. Why the urgency? Mozilla earlier...
VISA has issued an alert that the point-of-sale (POS) systems of North American fuel dispenser merchants are under an increased threat of being targeted by cybercrime groups that have ties to top tier cybercrime underground carding shops. In November 2019, VISA issued...
The popular chat app in the Middle East is currently in hot waters. According to recent investigations, the app has received allegations of being a spy tool. Following such reports, both Apple and Google removed the ToTok app from their respective app stores. Spying...
Researchers warn that five vulnerabilities that stem from SQLite could enable remote code execution. Researchers have disclosed five recently-patched vulnerabilities in the Google Chrome browser that could be exploited by an attacker to remotely execute code. The...
Twitter for Android users are urged to update their app to fend off a security bug that allows hackers to access private account data and control accounts to send tweets and direct messages. Twitter for Android users are being urged to update their app to avoid a...
WhatsApp, once again, marginally escaped a serious security threat. As revealed, a WhatsApp vulnerability allowed an attacker to crash the app across multiple devices and permanently delete group chats. WhatsApp Vulnerability Deleting Group Chats Researchers from...
A major security flaw with Android mobile operating system has left over a billion Samsung, Huawei, LG and Sony smartphones vulnerable to cyber attacks. Researchers at cyber security firm Check Point identified the bug in Android-based phones, revealing that it only...
Following its efforts to take legal action against those misusing its social media platform, Facebook has now filed a new lawsuit against a Hong Kong-based advertising company and two Chinese individuals for allegedly abusing its ad platform to distribute malware and...
Facebook has finally started implementing the open source data portability framework as the first phase of ‘Data Transfer Project,’ an initiative the company launched last year in collaboration with Google, Apple, Microsoft, and Twitter. Facebook...
Two third-party software development kits integrated by over hundreds of thousands of Android apps have been caught holding unauthorized access to users’ data associated with their connected social media accounts. Twitter revealed that an SDK developed by...
Successful exploitation allows attackers to steal potentially sensitive information, change appearance of the web page, and perform phishing, spoofing and drive-by-download attacks. Users of the Microsoft Outlook for Android app should update their apps to avoid a...
Sharing videos on WhatsApp is a cool feature. However, due to a bug, this feature could have become a security threat for users. Facebook has recently revealed a WhatsApp vulnerability that could allow installing malware to target devices. WhatsApp Vulnerability...
Pindrop®’s annual Voice Intelligence Report has uncovered skyrocketing fraud rates, with 90 voice channel attacks occurring every minute in the U.S. Additional key findings include: Voice fraud continues to serve as a major threat, with rates climbing more than...
Data is a huge market commodity now and the threat of unsolicited data collection from online services is real. With security and privacy breaches hitting the news frequently, limiting what data your internet service provider or other online entities can collect is a...
The recent controversies surrounding the WhatsApp hacking haven’t yet settled, and the world’s most popular messaging platform could be in the choppy waters once again. The Hacker News has learned that last month WhatsApp quietly patched yet another...
Twitter has been forced to lock around 33 million accounts after their security details were posted online for sale.The accounts were breached by Russian hackers and posted on to ‘the dark web’ – a web service that requires specific advanced software to access. The...
Security researchers at Bitdefender have discovered a high-severity security vulnerability in Amazon’s Ring Video Doorbell Pro devices that could allow nearby attackers to steal your WiFi password and launch a variety of cyberattacks using MitM against other...
It seems the security experts need to work on developing some other technology for security considering the back-to-back threats to biometric authentication, particularly, the fingerprint scans. Recently, some Chinese hackers have claimed that they can hack any...
These scammers are using the same hashtags that are used by Cash App’s legitimate campaigns. When it comes to Cash App scams on YouTube, these scammers use YouTube to promote ‘money generators’ or ‘cash app’ hacks instead of running fake Cash App...
Cybersecurity researchers claim to have discovered a previously undocumented backdoor specifically designed for Microsoft SQL servers that could allow a remote attacker to control an already compromised system stealthily. Dubbed Skip-2.0, the backdoor malware is a...
Cisco has recently released patches for numerous serious security vulnerabilities. The flaws existed in the Cisco Aironet Access Points Software, one of which could even lead to remote code execution. Critical Vulnerability In Cisco Aironet APs Cisco has fixed a...
Cybersecurity fingerprinting refers to a set of information that can be used to identify network protocols, operating systems, hardware devices, software among other things. Hackers use fingerprinting as the first step of their attack to gather maximum information...
Despite back-to-back reports of malicious apps, Google’s Play Store still harbors lots of such applications. Once again, researchers have discovered a bunch of such applications, including gaming and photo apps, that delivered malware to users’ devices. Malicious...
EA Games has leaked the personal data of 1600 gamers who registered to take part in a competition via the company’s website. Contenders signing up for the FIFA 20 Global Series competition were asked to enter personal information into what should have been a...
According to recent reports, WhatsApp is seemingly working on a feature that might make it more trusted among the users. Specifically, they will soon launch an option that will allow users to share self-destructing messages. As reported first by Wabetainfo.com,...
Instagram Phishing Attack Exploiting Copyright Alert Reportedly, researchers from Sophos have discovered a new phishing attack targeting Instagram users. This time, the scammers strive to steal users’ login credentials by tricking them with bogus copyright...
Following the release of iOS 13 and iPadOS earlier this week, Apple has issued an advisory warning iPhone and iPad users of an unpatched security bug impacting third-party keyboard apps. On iOS, third-party keyboard extensions can run entirely standalone without...
Microsoft has issued a patch for an Internet Explorer remote code execution flaw that is being actively exploited in the wild. Microsoft has released out-of-band security updates addressing two vulnerabilities – including an Internet Explorer zero-day vulnerability...
Good news… next week, on September 19, Apple will roll out iOS 13, the latest version of its mobile operating system. Yes, we’re excited about, but here comes the bad news… iOS 13 contains a vulnerability that could allow anyone to bypass the...
Microsoft today released an updated version of its “Outlook for Android” that patches an important security vulnerability in the popular email app that is currently being used over 100 million users. According to an advisory, Outlook app with versions before 3.0.88...
If you use VLC media player on your computer and haven’t updated it recently, don’t you even dare to play any untrusted, randomly downloaded video file on it. Doing so could allow hackers to remotely take full control over your computer system....
If you have an account with Microsoft Outlook email service, there is a possibility that your account information has been compromised by an unknown hacker or group of hackers, Microsoft confirmed The Hacker News. Earlier this year, hackers managed to breach...
ransomware attack oracle weblogic server Taking advantage of newly disclosed and even patched vulnerabilities has become common among cybercriminals, which makes it one of the primary attack vectors for everyday-threats, like crypto-mining, phishing, and ransomware....
The cybercriminal group behind the infamous DNSpionage malware campaign has been found running a new sophisticated operation that infects selected victims with a new variant of the DNSpionage malware. First uncovered in November last year, the DNSpionage attacks used...
