A security expert discovered an unprotected Elasticsearch database exposed online that contained approximately 33 million job profiles in China. Security expert Sanyam Jain at GDI Foundation has discovered an unprotected database exposed online that contained approximately 33 million profiles for people in China who provided their resumes to job recruitment sites. […]
Experts published details of the actively exploited CVE-2019-0808 Windows Flaw
Experts from Qihoo 360 disclosed technical details of the actively exploited Windows zero-day flaw CVE-2019-0808 recently patched by Microsoft. Researchers at the security firm Qihoo 360 disclosed technical details of the zero-day vulnerability CVE-2019-0808 that was recently patched by Microsoft. The vulnerability was reported to Microsoft by researchers from Google’s Threat Analysis […]
New WordPress Flaw Lets Unauthenticated Remote Attackers Hack Sites
If for some reason your WordPress-based website has not yet been automatically updated to the latest version 5.1.1, it’s highly recommended to immediately upgrade it before hackers could take advantage of a newly disclosed vulnerability to hack your website. Simon Scannell, a researcher at RIPS Technologies GmbH, who previously reported multiple critical vulnerabilities in […]
Zero-Day Flaws in Counter-Strike 1.6 Let Malicious Servers Hack Gamers’ PCs
If you are a Counter-Strike gamer, then beware, because 39% of all existing Counter-Strike 1.6 game servers available online are malicious and have been set up to remotely hack gamers’ computers. A team of cybersecurity researchers at Dr. Web has disclosed that an attacker has been using malicious gaming servers to […]
Users claim Samsung Galaxy S10 Face Recognition can be bypassed
The screen lock feature in the Samsung Galaxy S10 that is based on face recognition can be easily bypassed using a photo or a video of the owner. The discovery was made by users and tech reviewers who demonstrated how to bypass the face recognition screen lock implemented in the Samsung […]
Saudi caller ID Dalil app exposed data of more than 5 million users
The Android caller ID app Dalil exposed online data belonging to over 5 million users; security experts discovered a MongoDB database left accessible on the web without a password. The MongoDB behind the Android caller ID app Dalil was left exposed online, at least for a week, without a password, leaving 5 million […]
Citrix Data Breach – Iranian Hackers Stole 6TB of Sensitive Data
Popular enterprise software company Citrix that provides services to the U.S. military, the FBI, many U.S. corporations, and various U.S. government agencies disclosed last weekend a massive data breach of its internal network by "international cyber criminals." Citrix said it was warned by the FBI on Wednesday of foreign hackers compromising its […]
A critical flaw puts Windows 7 users at risk
Google has just disclosed a critical flaw in Microsoft's operating system that is being actively exploited by attackers. A patch is in preparation. Bad news for Windows 7 users. Google's security researchers revealed yesterday that they had found a zero-day flaw in Windows, […]
Research confirms rampant sale of SSL/TLS certificates on darkweb
A study conducted by academics discovered that SSL and TLS certificates and associated services can be easily acquired from dark web marketplaces. A study sponsored by Venafi and conducted by researchers from Georgia State University in the U.S. and the University of Surrey in the U.K. discovered that SSL and TLS certificates and associated […]
[SI-LAB] #OpJerusalem 2019 – JCry ransomware is now infecting Windows users
Over the last few days, a new ransomware campaign infected several users around the world as part of the #OpJerusalem campaign. SI-LAB analyzed this malware and noticed that it does not use sophisticated techniques. Criminals used the UPX packer to protect malware code written in Go and an RSA public certificate […]