Tor Project maintainers warned users about a severe flaw in the Tor browser that may execute JavaScript code on sites it should not. The Tor Project announced a major bug in the Tor browser that may cause the execution of JavaScript code on sites for which users have specifically blocked JavaScript. The development team at […]
A cyber attack hit one of the major COVID-19 testing laboratories in Czech, the Brno University Hospital in the city of Brno. While the Coronavirus (COVID-19) is spreading on a global scale, crooks and nation-state actors are launching Coronavirus-themed attacks against targets worldwide. The healthcare systems of any country are under pressure, for this reason, […]
European authorities dismantled two cybercrime organizations responsible for stealing millions through SIM hijacking. European authorities managed to dismantle the operations of two cybercrime gangs responsible for stealing millions through SIM hijacking. In SIM hijacking attacks (aka SIM swapping attacks) crooks are able to port the phone number of the victims to a new SIM card […]
VMware has fixed three serious flaws in its products, including a critical issue in Workstation and Fusion that allow code execution on the host from guest. VMware has addressed three serious vulnerabilities in its products, including a critical flaw in Workstation and Fusion that could be exploited to execute code on the host from guest. […]
Experts discovered an Android Trojan, dubbed Cookiethief, that is able to gain root access on infected devices and hijack Facebook accounts. Security experts from Kaspersky recently discovered Android Trojan that was designed to gain root access on infected devices and hijack Facebook accounts by stealing cookies from the browser and the social media app. “We […]
In the last weeks, security experts reported many Coronavirus-themed attacks carried out by cybercrime gangs, now experts warn of similar attacks from nation–state actors. Recently security experts reported many Coronavirus-themed attacks carried out by cybercrime gangs, but now experts are warning of similar attacks launched by nation-state actors. State-sponsored hackers from Russia, China, and North […]
Flaws in the Popup Builder WordPress plugin could allow unauthenticated attackers to inject malicious JavaScript code into popups of 100K+ websites. The Popup Builder WordPress plugin is affected by security flaws that could be exploited by unauthenticated attackers to inject malicious JavaScript code into popups displayed on websites using it. More than 100,000 websites are […]
The Russia-linked APT group Turla employed two new pieces of malware in attacks launched over a period of roughly two months in the fall of 2019. The Russia-linked APT group Turla employed two new pieces of malware in attacks launched over a period of roughly two months in the fall of 2019. The Turla APT group (aka Snake, Uroburos, Waterbug, Venomous […]
Microsoft released security updates to fix a recently disclosed CVE-2020-0796 vulnerability in SMBv3 protocol that could be abused by wormable malware. Microsoft has released security updates to address the CVE-2020-0796 vulnerability in SMBv3 protocol that could be exploited by vxers to implement “wormable” malware. On March 10, 2019, Microsoft accidentally leaked info on a security update for […]
Security experts have discovered that card data stolen last year from Volusion-hosted online stores is now available for sale on the dark web. Experts from the threat intel firm Gemini Advisory have discovered that card data stolen last year from Volusion-hosted online stores have surfaced on the dark web. Volusion is a privately-held technology company that […]