Hacking

In July 2018, US-CERT raised an alert regarding the Emotet banking trojan, which is also being used to distribute a secondary malware known as “Trickbot”. This alert provided recommendations on how businesses can mitigate their exposure to the Trojan. Unfortunately, it looks like criminals are also reading the US-CERT’s warnings as […]

The malicious apps have all been removed from the official Android store but not before the apps were installed by almost 30,000 users Malware authors keep testing the vigilance of Android users by sneaking disguised mobile banking Trojans into the Google Play store. We’ve recently analyzed a set of 29 […]

Magecart cybercrime gang made the headlines again, the cyber criminal gang is now targeting vulnerable Magento Extensions. Magecart cybercrime gang switches tactic, it is now targeting vulnerable Magento extensions. instead of compromising large websites or third-party services to steal credit card data. In previous campaigns, attackers customize the attack for each victim tailoring the code […]

Security experts from Sophos Labs have spotted a new piece of IoT malware tracked as Chalubo that is attempting to recruit devices into a botnet used to launch DDoS attacks. Security experts from Sophos Labs have spotted a new piece of Linux malware tracked as Chalubo (ChaCha-Lua-bot) that is targeting IoT devices in an […]

A mistake in the process used by the Signal Desktop application to encrypt locally stored messages leaves them wide open to an attacker. When Signal Desktop is installed, it will create an encrypted SQLite database called db.sqlite, which is used to store the user’s messages. The encryption key for this database is automatically generated […]

Mozilla has announced a Shield study where Firefox will promote the ProtonVPN service as a new revenue source. BleepingComputer was able to gain access to the study’s extension and it appears that the ProtonVPN will be recommended when visiting VPN provider sites, streaming services, or when connecting to insecure wireless […]

New Microsoft unpatched Zero-day bug exposed in online again along with proof-of-concept(PoC) by the same security researcher who has previously leaked another critical zero-day vulnerability in Twitter. Previously exposed Windows Zero-day vulnerability exploit online that discovered in Microsoft Windows Task Scheduler. Twitter name SandboxEscaper, A security researcher famous for leaking Zero-day bugs online along with PoC […]

Update: October 23(4:33 AM IST/ 1:03 AM CEST): GitHub noted on its status blog that all the services are now up and running. Update: (3:26PM IST/ 11:56PM CEST) GitHub said that the majority of restore processes have completed. And they anticipate all data stores will be fully consistent within the next hour. Update (03:17PM IST / 11:47AM CEST): GitHub noted that it needs […]

A critical Vulnerabilities that affected FreeRTOS TCP/IP Stack puts millions of IoT devices at risk and let attackers allows to compromise the Smart home devices and Critical Infrastructure Systems. FreeRTOS is a  real-time operating system kernel for embedded devices that support various architectures such as  Altera Nios II, ARM architecture, Fujitsu, Microchip Technology, STMicroelectronics etc. Vulnerabilities affected multiple Versions of […]