Category: Security Affairs

A flaw in the popular TikTok app could allow attackers to hijack any user account just by knowing the mobile number of the victim. Security experts from CheckPoint have discovered a critical vulnerability in the popular TikTok app that could…

Read more →

A new piece of ransomware called SNAKE appeared in threat landscape, the malware is now targeting company networks. The SNAKE is a new ransomware that is threatening enterprises worldwide along with most popular ransomware families such as Ryuk, Maze, Sodinokibi,…

Read more →

Monika Bickert, Facebook for global policy management, announced that Facebook will ban deepfake videos and manipulated content. Facebook has announced it will ban deepfake videos, which are media that take a person in an existing image or video and replace…

Read more →

Minnesota-based Alomere Health discloses a data leak that exposed personal and medical information of 49,351 patients. Personal and medical information of 49,351 patients of Minnesota-based Alomere Health might have been exposed following the compromise of two employees’ email accounts. Alomere Health is…

Read more →

A new MageCart attack made the headlines, this time the gang compromised the website of popular Focus Camera. The Magecart group has compromised the website of the photography and imaging retailer Focus Camera. The hack took place last year, the…

Read more →

Google has recently disabled all Xiaomi smart home integrations on Nest Hub after being informed that some users could access other people’s camera feeds.  On January 1st, 2020, a Reddit user (‘/u/Dio-V’) posted a discussion revealing that Nest Hub was…

Read more →

A cyber-espionage group tracked as Bronze President has been targeting countries in South and East Asia, Secureworks experts warn. Researchers at Secureworks’ Counter Threat Unit (CTU) have uncovered a cyber espionage campaign carried out by an APT group tracked as…

Read more →

Security experts have found a malicious app in the Google Play that exploits the recently patched CVE-2019-2215 zero-day vulnerability. Earlier October, Google Project Zero researchers Maddie Stone publicly disclosed a zero-day vulnerability, tracked as CVE-2019-2215, in Android. Maddie Stone published technical…

Read more →

HappyHotel, a Japanese search engine used to find and book rooms in “love hotels,” announced to have suffered a security breach in December. HappyHotel is a popular Japanese search engine for “love hotels,” it is used by married couples and…

Read more →

Microsoft published an interesting analysis of RDP brute-force attacks that targeted the 45,000 have analyzed in months of study. Researchers from Microsoft have analyzed several months’ worth of data to investigate RDP brute force attacks occurring across Microsoft Defender ATP…

Read more →

The U.S. Department of Homeland Security (DHS) has issued warnings about the possibility of cyber-attacks launched by Iran-linked hackers. The U.S. Department of Homeland Security (DHS) has issued warnings about the possibility of cyber-attacks launched by Iran-linked threat actors. The…

Read more →

The US-based School management software provider Active Network disclosed a severe security breach last week. Active Network provides web-based school management software for K-12 schools and districts, last week it announced to have suffered a major security breach. The hackers…

Read more →

Austria’s foreign ministry announced it was facing a “serious cyberattack” and that it could be the work of a nation-state actor. Austria’s foreign ministry was the victim of a cyber-attack that is suspected to have been conducted by a foreign…

Read more →

Synoptek, A California-based IT service provider decided to pay the ransom to decrypt its files after being infected with the Sodinokibi ransomware. Synoptek, a California-based provider of IT management and cloud hosting services paid the ransom to decrypt its files…

Read more →

A group of alleged Iranian hackers claims to have breached the website of a US government agency, Federal Depository Library Program, on Saturday after the killing of Qasem Soleimani. A group of Iranian hackers claims to have breached the website…

Read more →

DeathRansom was considered fake ransomware due to the fact that it did not implement an effective encryption process, but now things are changing. DeathRansom is a ransomware family that was initially classified as a joke because it did not implement…

Read more →

US Government fears a new wave of cyber attacks from Iran as retaliation for the airstrike that killed Maj. Gen. Qassim Suleimani at the Baghdad airport in Iraq. Christopher C. Krebs, Director of Cybersecurity and Infrastructure Security Agency (CISA) warned of a…

Read more →

‘BusKill‘ is a cheap kill cord Dead Man Switch to trigger the machine to self-destruct in case the laptop is stolen, it was designed by the software engineer Michael Altfield. The idea is very simple, the BusKill cable connects a Linux…

Read more →

Early this week, Brazil fined Facebook $1.65 million for improperly sharing users’ data in a case linked to the Cambridge Analytica privacy scandal. Brazil fined Facebook $1.65 million for improperly sharing users’ data in a case linked to the Cambridge…

Read more →

Maintainers of the OpenCV library addressed two buffer overflow flaws that could lead to arbitrary code execution. Maintainers of the OpenCV library addressed two high-severity buffer overflow vulnerabilities that could be exploited by an attacker to execute arbitrary code. OpenCV…

Read more →

The U.S. Army this week has banned the popular TikTok app from government mobile amid fear of China-linked cyberespionage. The US Army has banned the use of the popular TikTok app on mobile phones used by its personnel for security…

Read more →

The Travelex currency exchange has been forced offline following a malware attack launched on New Year’s Eve.  This week, the UK-based currency exchange Travelex announced that it has shut down its services as a “precautionary measure” following a malware attack.…

Read more →

Cisco has released software updates for its Data Center Network Manager (DCNM) product to address several critical and high-severity issues. Cisco has released software updates that address several critical and high-severity vulnerabilities in its Data Center Network Manager (DCNM) product.…

Read more →

Experts disclosed PoC exploits for remote command execution and information disclosure vulnerabilities affecting many D-Link routers. Security researchers Miguel Méndez Zúñiga and Pablo Pollanco from Telefónica Chile recently published Proof-of-concept (PoC) exploits for remote command execution and information disclosure vulnerabilities…

Read more →

The popular US restaurant chain Landry’s announced that it was the victim of a cyber-attack, malware has infected its point of sale (POS) systems. The popular US restaurant chain Landry’s disclosed a security incident, its point of sale (POS) systems…

Read more →

The Poloniex cryptocurrency exchange is forcing users to reset their passwords following a data leak.  Another bad news for the community of the virtual currencies communities, the Poloniex cryptocurrency exchange has forced its users to reset their passwords following a…

Read more →

Crooks are exploiting the popularity of the Star Wars saga to monetize their efforts, experts warn of online streaming sites delivering malware. Cybercriminals leverage popular movies like Star Wars to lure users into downloading malware to watch exclusive scenes or the full…

Read more →

Sextortion cybercrimes continue to threaten Internet users, scammers are using new tactics to bypass spam filters and secure email gateways. Sextortion scams continue to evolve to bypass security measures such as spam filters and secure email gateways. Sextortion messages threaten…

Read more →

Security expert discovered a Google Chrome extension named Shitcoin Wallet that steals passwords and wallet private keys. Harry Denley, director of security at the MyCrypto, discovered that the Google Chrome extension named Shitcoin Wallet is stealing passwords and wallet private keys.…

Read more →

Another celebrity was the victim of the hackers, Mariah Carey ‘s Twitter account appears to have been hacked on New Year’s Eve. The Twitter account of Mariah Carey was hacked on New Year’s Eve, attackers posted a series of offensive,…

Read more →

The Irish government has published its National Cyber Security Strategy​, it is an update of the country’s first Strategy which was published in 2015. The 2019 National Cyber Security Strategy aims to allow Ireland to continue to safely enjoy the…

Read more →

Developers at Starbucks left exposed an API key that could be used by an attacker to access internal systems and manipulate the list of authorized users. The development team at Starbucks left exposed an API key that could be used…

Read more →