Magecart cybercrime gang made the headlines again, the cyber criminal gang is now targeting vulnerable Magento Extensions. Magecart cybercrime gang switches tactic, it is now targeting vulnerable Magento extensions. instead of compromising large websites or third-party services to steal credit card data. In previous campaigns, attackers customize the attack for each victim tailoring the code for each target site according […]
The security researcher SandboxEscaper has released the proof-of-concept exploit code for a new Windows zero-day, Windows users are now exposed to attacks. The security researcher using the Twitter handle @SandboxEscaper is back and has released the proof-of-concept exploit code for a new Windows zero-day vulnerability. At the end of August, the same researcher disclosed the details of zero-day privilege escalation vulnerability […]
Security experts from Sophos Labs have spotted a new piece of IoT malware tracked as Chalubo that is attempting to recruit devices into a botnet used to launch DDoS attacks. Security experts from Sophos Labs have spotted a new piece of Linux malware tracked as Chalubo (ChaCha-Lua-bot) that is targeting IoT devices in an attempt to recruit them into […]
Security experts from FireEye found evidence that links the development of the Triton malware (aka Trisis and HatMan) to a Russian government research institute. In December 2017, experts from FireEye discovered a new strain of malware dubbed Triton that was specifically designed to target industrial control systems (ICS). The Triton malware has been used in attacks aimed at a critical […]
The reverse engineer researcher Nathaniel Suchy discovered that Signal Desktop application leaves message decryption key in plain text exposing them to an attacker. Signal Desktop application leaves message decryption key in plain text potentially exposing them to an attacker. The issue was discovered by the reverse engineer researcher Nathaniel Suchy The flaw affects the process implemented by the Signal Desktop […]
A new version of the Azorult info-stealer appeared in the wild, it is able to steal more data, including other types of cryptocurrencies A new version of the Azorult info-stealer appeared in the wild, it is able to steal more data, including other types of cryptocurrencies, and implements new features. The latest version of the Azorult was delivered through the […]
The U.S. Food and Drug Administration (FDA) is embracing the work of ethical hackers and their researches to secure medical devices. Hacking is an ever-present concern in today’s highly connected society. People typically shudder to think about their smart speakers or home security systems getting compromised, and indeed, vulnerabilities in those devices would be traumatizing. […]
The security patch for the recently disclosed cross-site scripting (XSS) vulnerability in Branch.io has introduced another similar XSS vulnerability. According to the security researcher Linus Särud, the security fix for the recently disclosed cross-site scripting (XSS) vulnerability in Branch.io has introduced another similar XSS vulnerability. The Branch.io company provides the leading mobile linking platform, with solutions that unify […]
Hackers defaced Future Investment Initiative (FII) website for a Saudi investment summit just a day before the three-day conference begins. An unknown group of hackers has defaced the website of the Future Investment Initiative (FII) website, a Saudi investment summit, just a day before the three-day conference begins. Below the Tweet of Nahayat Tizhoosh (@NahayatT), a producer with […]
The NATO military command center should be fully operational in 2023, every member states will contribute with its cyber capabilities to the military hub. The new NATO military command center should be fully operational in 2023, among its tasks the defense of the critical infrastructure of member states and the ability to carry out cyber attacks […]