Cellebrite mobile forensics tool Ufed contains multiple flaws that allow arbitrary code execution on the device, SIGNAL creator warns. Moxie Marlinspike, the creator of the popular encrypted messaging app Signal, announced that Cellebrite mobile forensics tools developed by Cellebrite are affected by multiple vulnerabilities that could be exploited to achieve arbitrary code execution. Cellebrite develops […]
Researchers from Human Security have uncovered a huge botnet of Android devices being used to conduct fraud in the connected TV advertising ecosystem. Security researchers at Human Security (formerly White Ops) discovered a massive Android botnet, dubbed Pareto, used to conduct fraud in the Connected TV (CTV) advertising ecosystem. The Pareto botnet is composed of […]
Cybersecurity firm Trend Micro revealed that a threat actor is actively exploiting a flaw, tracked as CVE-2020-24557, in its antivirus solutions to gain admin rights on Windows systems. Security solutions one again are used as attack vectors by threat actors, this time cybersecurity company Trend Micro revealed that attackers are actively exploiting a vulnerability, tracked as CVE-2020-24557, […]
During an undercover interview, a CyberNews researcher tricked ransomware operators affiliated with Ragnar Locker into revealing their ransom payout structure, cash out schemes, and target acquisition strategies. From a relatively rare threat just a few years ago to one of the biggest moneymakers for cybercriminals today – the meteoric rise of ransomware has cast a shadow of […]
A WhatsApp malware dubbed WhatsApp Pink is able to automatically reply to victims’ Signal, Telegram, Viber, and Skype messages. A WhatsApp malware dubbed WhatsApp Pink has now been updated, authors have implemented the ability to automatically respond to victims’ Signal, Telegram, Viber, and Skype messages. WhatsApp Pink is a fake app that was first discovered this week, […]
The REvil ransomware operators are attempting to blackmail Apple after they has allegedly stolen product blueprints of the IT giant from its business partner. REvil ransomware gang is attempting to extort Apple ahead of the Apple Spring Loaded event threatening to sell stolen blueprints belonging to the IT giant that were stolen from Quanta Computer. Quanta […]
Security vendor SonicWall has addressed three zero-day vulnerabilities affecting both its on-premises and hosted Email Security products. SonicWall is warning its customers to update their hosted and on-premises email security products to address three zero-day vulnerabilities that are being actively exploited in the wild. The three vulnerabilities addressed by the security vendor are: CVE-2021-20021: Email Security Pre-Authentication Administrative […]
At least one China-linked APT group exploited a new zero-day flaw in Pulse Secure VPN equipment to break into the networks of US defense contractors. According to coordinated reports published by FireEye and Pulse Secure, two hacking groups have exploited a new zero-day vulnerability in Pulse Secure VPN equipment to break into the networks of US defense contractors […]
The popular cyber security expert Luca Bongiorni demonstrated how to hack an X-Ray Machine using his WHIDelite tool. Recently I bought a X-RAY machine from China to have some ghetto-style desktop setup in order to inspect/reverse engineer some PCBs and hardware implants. The first thing striked my curiosity, even before purchasing it, was its remote. […]
Researchers from security firm Group-IB have detected a large-scale scam campaign targeting Facebook Messenger users all over the world. Group-IB has detected a large-scale scam campaign targeting Facebook Messenger users all over the world. Group-IB Digital Risk Protection (DRP) analysts have found evidence proving that users in over 80 countries in Europe, Asia, the MEA region, North […]