New thunderclouds on Facebook, the social network giant is accused of tracking non-users via Android apps. According to a report presented by Privacy International yesterday at 35C3 hacking conference held in Germany, the list of Android apps that send tracking and personal information back to Facebook includes dozens of apps including Kayak, Yelp, and Shazam, “Facebook routinely tracks users, non-users […]
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! Cisco ASA is affacted by a privilege escalation […]
A couple of researchers demonstrated how to bypass vein based authentication using a fake hand build from a photo. If you consider vein based authentication totally secure, you have to know that a group of researchers demonstrated the opposite at the Chaos Communication Congress hacking conference. Vein based authentication scan invisible vein pattern (i.e. shape, […]
A vulnerability in the Guardzilla home video surveillance system could be exploited by users to watch Guardzilla footage of other users. The Guardzilla All-In-One Video Security System is an indoor video surveillance solution. The flaw was discovered by the researchers Nick McClendon, Andrew Mirghassemi, Charles Dardaman, INIT_6 and Chris, from 0DayAllDay, the issue was reported […]
Personal details of roughly 1,000 North Korean defectors living in South Korea have been leaked in a hacking case. Personal details of nearly 1,000 North Korean defectors were leaked as a result of a cyber attack exposing them to severe threats from Pyongyang. A similar incident has never happened before, the Unification Ministry said that […]
The security researcher Bruno Keith from the Phoenhex group published a PoC code for a remote code execution flaw in Microsoft Edge browser (CVE-2018-8629). The vulnerability affects the JavaScript engine Chakra implemented in the Edge web browser, an attacker could exploit it to execute arbitrary code on the target machine with the same privileges as […]
A new sample of Shamoon 3 was uploaded on December 23 to the VirusTotal platform from France, it is signed with a Baidu certificate. A new sample of the dreaded Shamoon wiper was uploaded on December 23 to the VirusTotal platform from France. This sample attempt to disguise itself as a system optimization tool developed […]
Security firm Group-IB has estimated that the market volume of illegal online sales of alcohol in Russia exceeded 30 million USD in 2018, i.e. almost 5.8 million USD (+23%) more than in 2017. Group-IB Brand Protection team discovered a total of around 4,000 websites illegally selling alcohol. Criminals create entire networks from the âmirrorâwebsitesâ of their online alcohol stores; if one […]
BevMo, the wine and liquor store, is warning customers of payment card breach and reported the incident to the authorities. The wine and liquor store BevMo suffered a payment card breach, a hacker stole credit card numbers and other information from more than 14,000 customers who purchased goods on the website. The company has notified […]
The latest version of Google OS, Android Pie, implements significant enhancements for cybersecurity, including a stronger encryption and authentication. Google experts worked on OS hardening and the implementation of anti-exploitation mechanisms with a great attention to the user privacy. The tech giant updated the File-Based Encryption implementing the support for external storage media, it also […]