Researchers have discovered a new hacking campaign leveraging on Facebook Messenger to spread the Locky ransomware via SVG images. The Locky Ransomware is spread via a downloader, experts noticed that it is able to bypass Facebook defense measures by pretending to be a harmless image file. The campaign was first spotted during the weekend by the malware […]
The security expert Michele Orru from FortConsult has released an automated phishing toolkit dubbed ‘PhishLulz’ for penetration testing activities. The security expert Michele Orru from FortConsult, aka @antisnatchor, has released an automated phishing toolkit dubbed ‘PhishLulz’ for penetration testing activities. The PhishLulz tool was presented at the Kiwicon hacking event held Wellington New Zealand last week. PhishLulz is […]
A strain of Android spyware recently analyzed by security experts from RedNaga Security team points to an another Italian company. A new strain of Android malware reveals the existence of a new Italian player in the surveillance landscape. The Android spyware was analyzed by researchers from the RedNaga Security team, that is a first time […]
Kapustkiy, one of the most prolific hackers at this moment announced a new data breach, the victim is the India Regional Council. Last week, I was contacted by a young hacker that breached Indian embassies across the worlds, he goes online with the moniker Kapustkiy. Kapustkiy is a seventeen years old pentester that is targeting […]
For the second time in a few days, security experts spotted a backdoor in the firmware of low-cost Android devices. Last week, security experts from Kryptowire firm have discovered a backdoor in the firmware installed on low-cost Android phones. The backdoor affects mobile phones from BLU Products that are available for sale on both Amazon and Best Buy. The […]
The ICS-CERT has published two security advisories to describe a number of flaws in surveillance products from Moxa and Vanderbilt firms. Surveillance systems produced by Moxa SoftCMS and IP cameras manufactured by Vanderbilt are affected by serious vulnerabilities that can be exploited by remote attackers to obtain full control of flawed systems. The ICS-CERT has published a […]
The GeekedIn recruitment project scraped user data from GitHub and other similar websites, but data were inadvertently leaked online. The popular security expert Troy Hunt, who operates the data breach notification service the owner ‘Have I Been Pwned,’ recently received a 600 Mb MongoDB backup file containing data from a tech recruitment website called GeekedIn. […]
Hacker Kapustkiy breached into an Italian Government website (Dipartimento della Funzione Pubblica) exposing 9,000 users of 45,000. A few days ago I was contacted by a young hacker that breached Indian embassies across the worlds, he goes online with the moniker Kapustkiy. Kapustkiy is a pentester that is targeting organizations and embassies across the world. Recently […]
According to Elcomsoft, iPhone and iPad automatically send call history to Apple when iCloud is enabled, the company stores the data for up to four months. According to the digital forensics firm Elcomsoft, Apple mobile devices automatically send call history to the company when the iCloud is enabled, it also stores the data for up […]
Drupal developers have released updates for versions 7 and 8 that fix security issues which could expose websites to cyber attacks. The Drupal development team has released security updates for versions 7 and 8. The updates fix security vulnerabilities that could expose websites running on the popular CMS and data they manage to security risks, […]