If you are thinking that Facebook is sitting quietly after being forced to remove its Onavo VPN app from Apple’s App Store, then you are mistaken. It turns out that Facebook is paying teenagers around $20 a month to use its VPN app that aggressively monitors their smartphone and web […]
Haythem Elmir
Dailymotion forces password reset in response to credential stuffing Attack
The popular video sharing website Dailymotion announced that some accounts were accessed by hackers as result of a massive credential stuffing attack. On Friday, the popular video sharing website Dailymotion announced that some accounts were hit by hackers. The company discovered unauthorized access attempts resulting from credential stuffingactivity. The company blocked the […]
Hackers compromise WordPress sites via Zero-Day flaws in Total Donations plugin
Security experts at Wordfence security firms discovered WordPress Sites compromised via Zero-Day vulnerabilities in Total Donations Plugin The Total Donations WordPress plugin was abandoned by its developers for this reason security experts are recommending to delete it after they discovered multiple zero-day flaws that were exploited by threat actors. The […]
Cobalt cybercrime gang abused Google App Engine in recent attacks
The Cobalt cybercrime gang has been using Google App Engine to distribute malware through PDF decoy documents. The Cobalt hacking group has been using Google App Engine to distribute malware through PDF decoy documents. The group targeted more than 20 other government and financial institutions worldwide. Cobalt crime gang is a Russian […]
Hackers are targeting Cisco RV320/RV325, over 9K routers exposed online
Cisco released security updates to address security flaws in several products including Small Business RV320/RV325 routers and hackers are already targeting them. The tech giant addressed two serious issues in Cisco’s Small Business RV320 and RV325 routers. The first one could be exploited by a remote and unauthenticated attacker with admin privileges. to obtain sensitive […]
Researchers Release Tool That Finds Vulnerable Robots on the Internet
A team at a robot cybersecurity startup has released a free, open-source tool for information security professionals to help them easily ‘footprint’ and detect unprotected robots, not only connected to the Internet, but also to the industrial environments where they operate. Dubbed « Aztarna, » the framework has been developed by Alias Robotics, […]
GandCrab ransomware and Ursnif virus spreading via MS Word macros
Security researchers have discovered two separate malware campaigns, one of which is distributing the Ursnif data-stealing trojan and the GandCrab ransomware in the wild, whereas the second one is only infecting victims with Ursnif malware. Though both malware campaigns appear to be a work of two separate cybercriminal groups, we find many similarities in […]
Chinese Hacker Publishes PoC for Remote iOS 12 Jailbreak On iPhone X
Here we have great news for all iPhone Jailbreak lovers and concerning one for the rest of iPhone users. A Chinese cybersecurity researcher has today revealed technical details of critical vulnerabilities in Apple Safari web browser and iOS that could allow a remote attacker to jailbreak and compromise victims’ iPhoneX […]
Critical RCE Flaw in Linux APT Allows Remote Attackers to Hack Systems
Some cybersecurity experts this week arguing over Twitter in favor of not using HTTPS and suggesting software developers to only rely on signature-based package verification, just because APT on Linux also does the same. Ironically, a security researcher just today revealed details of a new critical remote code execution flaw in […]
PHP PEAR official site hacked, tainted package manager distributed for 6 months
PHP PEAR official site hacked, attackers replaced legitimate version of the package manager with a tainted version in the past 6 months. Bad news for users that have downloaded the PHP PEAR package manager from the official website in the past 6 months because hackers have replaced it with a […]