Last week HackRead exclusively reported how a Fidget more spin app on Play Store is sending other apps data on an Android device to a server based in China. Now, security firms Pradeo’s researchers have identified that a popular game app on Play Store is performing quite a few unfavorable functions […]
Pre-Installed Password Manager On Windows 10 Lets Hackers Steal All Your Passwords
If you are running Windows 10 on your PC, then there are chances that your computer contains a pre-installed 3rd-party password manager app that lets attackers steal all your credentials remotely. Starting from Windows 10 Anniversary Update (Version 1607), Microsoft added a new feature called Content Delivery Manager that silently […]
Synaptics to Remove « Keylogger » Functionality From Drivers
Synaptics says recent reports inaccurately characterized a debugging tool found in its touchpad drivers as a keylogger, but the company has decided to remove the functionality from its products. Earlier this month, a researcher reported finding what appeared to be keylogger functionality in a Synaptics touchpad driver shipped with hundreds […]
Hackers Target Security Firm Fox-IT
Fox-IT, the Netherlands-based cybersecurity firm owned by NCC Group, revealed on Thursday that it had been the victim of a man-in-the-middle (MitM) attack made possible by DNS records getting changed at its third-party domain registrar. The incident took place back in September and Fox-IT decided to disclose it now after […]
Data Breach at Website with 45 Million Users Discovered During Academic Research
A team of three researchers from the University of California, San Diego (UCSD) has created a tool that can detect when user-registration-based websites suffer a data breach. The tool, named Tripwire, works on a simple concept. Researchers say that Tripwire registers one or more accounts on websites by using a […]
Fortinet’s FortiClient Product Exposed VPN Credentials
Updates released by Fortinet for its FortiClient product patch a serious information disclosure vulnerability that can be exploited to obtain VPN authentication credentials. FortiClient is a next-generation endpoint protection product that includes web filtering, application firewall, vulnerability assessment, anti-malware, and SSL and IPsec VPN features for desktop and mobile systems […]
The New Ransomware Spider
Spider is the new ransomware that is targeting the victims located in the Balkans in what is called a “mid-scale” campaign. The Spider ransomware is unique in that attackers are given a 96-hour deadline to pay. Attackers also attempt to calm victims, assuring them the ransom payment and file recovery […]
Two Hackers Plead Guilty to Creating IoT-based Mirai DDoS Botnet
The U.S. federal officials have arrested two hackers who have pleaded guilty to computer-crimes charges for creating and distributing Mirai botnet that crippled some of the world’s biggest and most popular websites by launching the massive DDoS attacks last year. According to the federal court documents unsealed Tuesday, Paras Jha […]
« Blue Whale Challenge », le jeu qui pousse les adolescents au suicide
C’est un jeu morbide, devenu viral sur les réseaux sociaux, notamment en Tunisie Blue Whale Challenge ou « Challenge de la baleine bleu » n’a pas de limite. Il consiste à réaliser une série de 50 défis, jusqu’au cinquantième : le suicide. Les responsable tirent la sonnette d’alarme: le jeu de quête […]
Fake Amazon Marketplace invoice emails deliver ransomware via Necurs botnet
The Necurs botnet has changed again today and appears to be delivering yet another ransomware version. I think today’s malware is some sort of ransomware but I am not 100% sure. I am seeing mixed results whether it is ransomware or Trickbot, so it could well be “one of them files” that […]