Android Trojan GriftHorse, the gift horse you definitely should look in the mouth
Researchers at Zimperium have discovered an aggressive mobile premium services campaign with over 10 million victims all over the world....
Telegram-powered bots circumvent 2FA
Two-factor authentication is a great way to protect your online accounts, and we always recommend you turn it on. But...
Cybersecurity experts have discovered a new hacker group
Cybersecurity experts have discovered a new hacker group ChamelGang, which attacks institutions in ten countries around the world, including Russia....
Scammers are Using Twitter Bots for PayPal and Venmo Scams
Internet scammers are using Twitter bots to trick users into making PayPal and Venmo payments to accounts under their possession....
Bandwidth Suffers Outages Caused by DDoS Attack
Within the last couple of days, Bandwidth.com has been the latest target of distributed denial of service attacks targeting VoIP...
Nobelium APT Group Uses Custom Backdoor to Target Windows Domains
Researchers from Microsoft Threat Intelligence Center (MSTIC) identified FoggyWeb, a new custom malware utilized by the Nobelium APT group to...
Threat Actors from China Infiltrated a Major Afghan Telecom Provider
Just as the US was completing its withdrawal from Afghanistan, several China-linked cyberespionage groups were seen intensifying attacks on a...
Threat actors use recently discovered CVE-2021-26084 Atlassian Confluence
Threat actors are actively exploiting the recently disclosed CVE-2021-26084 RCE vulnerability in Atlassian Confluence deployments. Trend Micro researchers have spotted...
CISA releases Insider Risk Mitigation Self-Assessment Tool
The US CISA has released a new tool that allows to assess the level of exposure of organizations to insider...
Facebook released Mariana Trench tool to find flaws in Android and Java apps
Facebook released Mariana Trench, an internal open-source tool that can be used to identify vulnerabilities in Android and Java applications....
Expert discloses new iPhone lock screen vulnerability in iOS 15
The security researcher Jose Rodriguez discovered a new lock screen vulnerability for iOS 15 (& iOS 14.8) that has yet...
CVE-2020-1416
Summary: An elevation of privilege vulnerability exists in Visual Studio and Visual Studio Code when they load software dependencies, aka...
CVE-2020-1416
Summary: An elevation of privilege vulnerability exists in Visual Studio and Visual Studio Code when they load software dependencies, aka...
CVE-2021-22019
Summary: The vCenter Server contains a denial-of-service vulnerability in VAPI (vCenter API) service. A malicious actor with network access to...
CVE-2020-9759
Summary: A Vulnerability of LG Electronic web OS TV Emulator could allow an attacker to escalate privileges and overwrite certain...
CVE-2021-40516
Summary: WeeChat before 3.2.1 allows remote attackers to cause a denial of service (crash) via a crafted WebSocket frame that...
CVE-2021-22949
Summary: A CSRF in Concrete CMS version 8.5.5 and below allows an attacker to duplicate files which can lead to...
Vaccine passport app leaks users’ personal data
Security and privacy advocates may have cause to worry after all: Portpass, a vaccine passport app in Canada, has been...
Microsoft, CISA and NSA offer security tools and advice, but will you take it?
Microsoft offers to help you with patching Exchange servers, CISA offers an insider threat tool, and together with the NSA...
Instagram Kids put on hold
Instagram has announced it is pausing the development of its newest brainchild, Instagram Kids—a version of Instagram aimed at 10-12-year-olds,...
Japan mentioned Russia in its new cybersecurity strategy
The Japanese government on Tuesday officially approved a new three-year cybersecurity strategy, where Russia, China and North Korea are mentioned...
Kids Fairy Tale App Farfaria Exposed Data of 2.9 Million Users
Cybersecurity researcher at Comparitech has identified a misconfigured MongoDB database containing a treasure trove of data left uncovered to the...
Working Exploit Is Out for VMware vCenter CVE-2021-22005 Flaw
A fully working exploit for the remote code execution vulnerability in VMware vCenter labelled as CVE-2021-22005 is now publicly accessible,...
Latest Microsoft Exchange Server Feature Mitigates High-Risk Bugs
One of the prominent targets for hackers is Microsoft Exchange, and the attack vector typically involves a popular vulnerability which...
