Security expert Paulos Yibelo has discovered a vulnerability in Hotspot Shield VPN from AnchorFree that can expose locations of the users. Paulos Yibelo, a security researcher, has discovered a vulnerability that can expose users and locations around the globe compromising their anonymity and privacy. The company has about 500 million […]
WordPress Update Breaks Automatic Update Feature—Apply Manual Update
WordPress Update Breaks Automatic Update Feature Apply Manual Update WordPress administrators are once again in trouble. WordPress version 4.9.3 was released earlier this week with patches for a total 34 vulnerabilities, but unfortunately, the new version broke the automatic update mechanism for millions of WordPress websites. WordPress team has now issued a […]
Researcher found multiple vulnerabilities in NETGEAR Routers, update them now!
Security researchers Martin Rakhmanov from Trustwave conducted a one-year-study on the firmware running on Netgear routers and discovered vulnerabilities in a couple of dozen models. Netgear has just released many security updates that address vulnerabilities in a couple of dozen models. The vulnerabilities have been reported by security researchers Martin Rakhmanov […]
Swisscom data breach Hits 800,000 Customers, 10% of Swiss population
Swisscom data breach – Telco company Swisscom confirmed it has suffered a data breach that affected roughly 800,000 of its customers, roughly 10% of the Swiss population. Swiss telco company Swisscom confirmed it has suffered a data breach that affected roughly 800,000 of its customers, roughly 10% of the Swiss population. According to Swisscom, unauthorized parties […]
Joomla 3.8.4 release addresses three XSS and SQL Injection vulnerabilities
Joomla development team has released the Joomla 3.8.4 that addresses many issues, including an SQL injection bug and three cross-site scripting (XSS) flaws. Joomla development team has released the Joomla 3.8.4 that addresses a large number of issues, including an SQL injection bug and three cross-site scripting (XSS) vulnerabilities. The latest release also includes several improvements. The XSS and SQL […]
US authorities dismantled the global cyber theft ring known as Infraud Organization
The US authorities have dismantled a global cybercrime organization tracked Infraud Organization involved in stealing and selling credit card and personal identity data. The US authorities have taken down a global cybercrime organization, the Justice Department announced indictments for 36 people charged with being part of a crime ring specialized […]
Reddit site spoofed by cyber-criminals to steal credentials of users
Cyber-criminals set up a malicious website that spoofed the original Reddit site and stole login credentials of unsuspecting visitors, yet managed to obtain a valid SSL certificate from a domain registry. reddit-teamviewer Cyber-criminals set up a malicious website that spoofed the original Reddit site and stole login credentials of unsuspecting […]
When crypto-mining malware hits a SCADA network
Stealthy crypto-mining is on track to surpass ransomware as cybercriminals’ most favorite money-making option, and companies with computers and servers that run all day and night long are the preferred targets. This could be more than just a nuisance to the companies – it could seriously affect business operations and […]
New credit card skimmer worked in plain sight at Aldi stores
Police in Lower Pottsgrove, Pennsylvania have spotted a group of thieves who are placing completely camouflaged skimmers on top of credit card terminals in Aldi stores. The skimmers, which the gang placed in plain sight of surveillance video cameras, look exactly like the original credit card terminals but would store […]
99 percent of domains are not protected by DMARC
Essentially every global domain is vulnerable to phishing and domain name spoofing. A new report incorporates data from Agari, revealing that 90 percent of its customers have been targeted by domain name fraud. Insight from the Farsight Security indicates that less one percent of all domains are authenticated and protected […]