vpnMentor’s research team discovered a hack affecting 80 million US households, and the incident is still actively leaking data. Known hacktivists Noam Rotem and Ran Locar discovered an unprotected database impacting up to 65% of US households. Hosted by a Microsoft cloud server, the 24 GB database includes the number of people living in each household […]
A cyber survey conducted by the United Kingdom’s National Cyber Security Centre (NCSC) revealed that ‘123456’ is still the most hacked password. Security experts at the United Kingdom’s National Cyber Security Centre (NCSC) analyzed the 100,000 most-commonly re-occurring breached passwords using data from Have I Been Pwned (HIBP). Have I Been Pwned allows users to […]
The Hong Kong office of Amnesty International has been hit by a long-running cyberattack carried out by China-linked hackers. Amnesty International’s Hong Kong office has been hit with a cyberattack launched by China-linked hackers. “This sophisticated cyber-attack underscores the dangers posed by state-sponsored hacking and the need to be ever vigilant to the risk of […]
Microsoft presented a series of security enhancements for its Windows 10, including the removal of the password-expiration policy. Microsoft announced the removal of the password-expiration policy from its operating system starting with the next Windows 10 feature update (Windows 10 version 1903, a.k.a., “19H1” ) and Windows Server version 1903. The idea behind this change […]
Researchers devised a new side-channel attack in Qualcomm technology, widely used by most Android smartphones, that could expose private keys. Researchers have uncovered a new side-channel attack that could be exploited by attackers to extract sensitive data from Qualcomm secure keystore, including private keys, and passwords. The attack potentially impacts most of the modern Android […]
Experts observed several malspam campaigns using signed emails to deliver the GootKit banking Trojan (aka talalpek or Xswkit). Threat actors leverage a multi-stage malware loader tracked as JasperLoader in the malspam campaigns over the past few months. The JasperLoader was observed while distributing malware to targets from Central Europe, most of them in Italy and […]
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Kindle Edition Paper Copy Once again thank you! 60 Million records of LinkedIn users exposed online INPIVX hidden service, a new way to organize ransomware attacks Ride-Hailing Company operating in Iran exposes data of Iranian Drivers A […]
A new variant of the AESDDoS bot is exploiting a recent vulnerability in the Atlassian collaborative software Confluence. Security experts at Trend Micro have spotted a new variant of AESDDoS botnet that is exploiting a recently discovered vulnerability in the Atlassian collaborative software Confluence. The flaw exploited in the attacks, tracked as CVE-2019-3396, is a […]
US NIST updates its Automated Combinatorial Testing for Software (ACTS) research toolkit that should help experts in finding bugs in complex safety-critical applications. US NIST announced updated for its Automated Combinatorial Testing for Software (ACTS) research toolkit that should allow developers easily spot software errors in complex safety-critical applications. The ACTS toolkit allows development teams […]
Security experts discovered hosted on GitHub the skimmer scripts used by Magecart cybercrime gang to compromised Magento installations worldwide. Experts discovered the Magecart skimmer scripts used to compromise a few hundred e-commerce websites worldwide hosted on GitHub. Security firms have monitored the activities of a dozen Magecart groups at least since 2015. The gangs use […]