Storybooks for children app FarFaria exposed data of 3M users
By Waqas According to FarFaria, its apps are “created for children ages 2-9” meaning that the incident exposed children to cybercriminals. This is a post from HackRead.com Read the original
What Is a Data Breach and How to Prevent It
A data breach occurs when an unauthorized individual gains access to confidential, sensitive, or protected information. Without permission, files from a data breach are viewed and/or shared. Phases of a
Beware of the Recently Discovered BluStealer Malware!
Cybersecurity researchers found a brand-new high-profile malware tracked as BluStealer that can steal cryptocurrency and banking information, log keystrokes, and upload files. According to specialists, the malware is distributed by
Conti Makes a New Victim: GSS Ransomware Attack Affecting Major European Call Center Provider
A GSS ransomware attack affected the European call center provider as it made its IT systems freeze and database cripple. What Services Were Impacted? According to theRecord. publication, the impacted services
Malicious Actors Hijacked Bitcoin.org
Bitcoin.org was hijacked by hackers and got altered in order to push a scam. Bitcoin.org is an information portal for the top cryptocurrency, founded in August 2008 by Bitcoin’s pseudonymous founder Satoshi
Russia Formally Accused by European Union for the ‘GhostWriter’ Operation that Targets EU Representatives and Reporters
The European Union officials have formally associated Russia with a new hacking campaign tracked as Ghostwriter. The operation’s focus has been on high-profile EU representatives, journalists, and the general public.
SonicWall Critical Vulnerability Should Be Patched ASAP
A security notice related to a SonicWall critical vulnerability in SMA 100 series devices has been issued by the enterprise. The flaw we are talking about was classified in the
A New Flaw Was Discovered in the Microsoft Windows Platform Binary Table (WPBT)
The flaw discovered by the researchers at Eclypsium in the Microsoft Windows Platform Binary Table (WPBT) can be exploited in attacks meant to install rootkits on all Windows computers that
5 Steps to Securing Your Network Perimeter
Ekaterina Kilyusheva, head of the Information Security Analytics Research Group at Positive Technologies, offers a blueprint for locking up the fortress.Read More: https://threatpost.com/securing-network-perimeter/175043/
Urgent Chrome security update released to patch widely exploited 0-day
By Deeba Ahmed The vulnerability impacts 2 Billion Chrome users worldwide therefore Google is asking users to update their browsers right now. This is a post from HackRead.com Read the
Women, Minorities Are Hacked More Than Others
Income level, education and being part of a disadvantaged population all contribute to cybercrime outcomes, a survey suggests.Read More: https://threatpost.com/women-minorities-hacked/175038/
Far-right host Epik confirms its data was breached by Anonymous
By Waqas The domain registrar Epik has confirmed that its systems were hacked by a group affiliated with the Anonymous hacktivist collective. This is a post from HackRead.com Read the
EU: Russia Behind ‘Ghostwriter’ Campaign Targeting Germany
It’s not the first time that the disinformation/spearphishing campaign, which originally smeared NATO, has been linked to Russia. Read More: https://threatpost.com/eu-russia-ghostwriter-germany/175025/
3.8 Billion Users’ Combined Clubhouse, Facebook Data Up for Sale
Combined cache of data likely to fuel rash of account takeover, smishing attacks, experts warn. Read More: https://threatpost.com/clubhouse-facebook-data-sale/175023/
Is Australia a sitting duck for ransomware attacks? Yes, and the danger has been growing for 30 years
Padlokr – Paul Haskell-Dowland, Edith Cowan University and Andrew Woodward, Edith Cowan University Australian organisations are a soft target for ransomware attacks, say experts who yesterday issued a fresh warning
Holding the world to ransom: the top 5 most dangerous criminal organisations online right now
Padlokr – Roberto Musotto, Edith Cowan University; Brianna O’Shea, Edith Cowan University, and Paul Haskell-Dowland, Edith Cowan University On the internet, nobody knows you’re a dog! These words from Peter
With cyberattacks growing more frequent and disruptive, a unified approach is essential
Padlokr – Yasser Morgan, University of Regina Cyberwarfare consists of co-ordinated attacks of mass disruption (AMD). In the June summit between U.S. and Russian presidents Joe Biden and Vladimir Putin,
Inside a ransomware attack: how dark webs of cybercriminals collaborate to pull them off
Padlokr – David S. Wall, University of Leeds In their Carbis Bay communique, the G7 announced their intention to work together to tackle ransomware groups. Days later, US president Joe
The ‘privacy by design’ approach for mobile apps: why it’s not enough
Padlokr – Dusty-Lee Donnelly, University of KwaZulu-Natal The mobile apps installed on our smartphones are one of the biggest threats to our digital privacy. They are capable of collecting vast
What is Pegasus? A cybersecurity expert explains how the spyware invades phones and what it does when it gets in
Padlokr – Bhanukiran Gurijala, West Virginia University End-to-end encryption is technology that scrambles messages on your phone and unscrambles them only on the recipients’ phones, which means anyone who intercepts
Cybercriminals use pandemic to attack schools and colleges
Padlokr – Vulnerable devices and systems are targets. EThamPhoto/Getty Images Nir Kshetri, University of North Carolina – Greensboro Cyberattacks have hit schools and colleges harder than any other industry during
Top 3 Ways to Find a Hidden File on a Mac
By Waqas Mac computers often have hidden files that you can’t see. Find out the practical ways to find and view the articles with ease in this article. This is
A Backdoor Was Added by the REvil Ransomware Developers in an Attempt to Cheat Affiliates
The REvil ransomware operators may have been hijacking ransom negotiations, and cutting their affiliates of payments. As explained by my colleague Elena, REvil is a highly evasive and upgraded RaaS
US, Canadian Android Mobile Users Targeted by TangleBot Malware
A new SMS smishing malware that targets Android mobile users in the U.S. and Canada has been discovered by cybersecurity researchers. The malicious campaign uses text message lures related to
Water Basilisk Campaign Distributes RATs Through a New Crypter
Another malicious operation wreaks havoc in the world of malware and trojans. The so-called Water Basilisk campaign makes use of a new crypter with the goal of RATs distribution. Among
Top 7 Cybersecurity Trends for 2022
2020 and 2021 have been some truly revolutionary years and now that 2022 is only a few months away, you might wonder what’s going to happen next. In terms of
Malware Developers Are Working on Tricking Windows Validation
The researchers from Google were the ones that spotted the malware developers creating malformed code signatures. The signatures created are likely to be seen as valid in Windows in order
FamousSparrow Hacking Group Is Targeting Hotels, Companies, and Governments Everywhere
A new cyberespionage group targeting hotels, governments, and private businesses all over the world has been recently spotted by cybersecurity specialists at ESET. According to them, the cyberespionage gang, dubbed
The Zero-Day Apple Bug Patched Now by the Company
A zero-day Apple bug exploited by cybercriminals to hack iPhone and Mac with iOS and macOS old versions was patched by the company as it released security updates against it.
Exchange/Outlook Autodiscover Bug Spills $100K+ Email Passwords
Threat Post – Hundreds of thousands of email credentials, many of which double as Active Directory domain credentials, came through to credential-trapping domains in clear text. Guardicore security researcher Amit
EU takes aim at Russia over 'Ghostwriter' hacking campaign against politicians, government officials
The European Union formally blamed Russia on Friday, just ahead of this weekend’s German elections, for a hacking campaign targeting EU government officials and politicians. And the EU is threatening
Exposed ransomware negotiations shed light on cybercrime, but complicate things for victims
Less than 48 hours before the deadline for Iowa-based grain cooperative New Cooperative to pay the BlackMatter ransomware group’s demands, negotiations seemed to take an interesting turn. BlackMatter, which has
TangleBot Malware Reaches Deep into Android Device Functions
Threat Post – The mobile baddie grants itself access to almost everything, enabling spying, data-harvesting, stalking and fraud attacks, among others. An Android malware called TangleBot has weaved its way
Lithuania wants users to dump Chinese phones citing data collection
By Deeba Ahmed Lithuania Defense Ministry has released a warning, urging consumers to get rid of their Chinese phones and not to buy new ones amid data security. This is
Critical Cisco Bugs Allow Code Execution on Wireless, SD-WAN
Threat Post – Unauthenticated cyberattackers can also wreak havoc on networking device configurations. Cisco is warning three critical security vulnerabilities affect its flagship IOS XE software, the operating system for
Apple Patches 3 More Zero-Days Under Active Attack
Threat Post – One of the bugs, which affects macOS as well as older versions of iPhones, could allow an attacker to execute arbitrary code with kernel privileges. Apple has
Examining the Cring Ransomware Techniques
Trend Micro – Here is a more detailed description of this chain: Initial Access The Cring ransomware gains initial access either through unsecure or compromised RDP or valid accounts. The
REvil Affiliates Confirm: Leadership Were Cheating Dirtbags
After news of REvil’s rip-off-the-affiliates backdoor & double chats, affiliates fumed, reiterating prior claims against the gang in “Hackers Court.” Read More: https://threatpost.com/revil-affiliates-leadership-cheated-ransom-payments/174972/
Hackers Are Scanning for the Vulnerability Found in Vmware
The malicious actors are going after the CVE-2021-22005 that is unpatched against a critical arbitrary file upload vulnerability. This vulnerability that was recently patched could lead to remote code execution, as
5 Tips for Achieving Better Cybersecurity Risk Management
Threat Post – Casey Ellis, founder, CTO and chairman of Bugcrowd, discusses a roadmap for lowering risk from cyberattacks most effectively. When thinking about cybersecurity risk management, think about the
100M IoT Devices Exposed By Zero-Day Bug
Threat Post – A high-severity vulnerability could cause system crashes, knocking out sensors, medical equipment and more. A flaw in a widely used internet-of-things (IoT) infrastructure code left more than
Hackers hit Russian ministry, rocket center using MSHTML vulnerability
By Waqas Microsoft Office zero-day also dubbed MSHTML attack exploited to target Russian government including Interior ministry and State Rocket Center. This is a post from HackRead.com Read the original
FamousSparrow APT Wings in to Spy on Hotels, Governments
Threat Post – A custom “SparrowDoor” backdoor has allowed the attackers to collect data from targets around the globe. A cyberespionage group dubbed “FamousSparrow” by researchers has taken flight, targeting
Phone scammers use COVID-19 vaccine appointments to try tricking victims into downloading malware
Hackers are targeting American and Canadian victims with a malware strain that used coronavirus-themed messages to dupe users into downloading software that collects their personal information, according to findings published
Millions impacted as payment API vulnerabilities exposing transaction keys
By Deeba Ahmed Millions of users could have exposed their private, payment data due to API security vulnerabilities discovered in several applications. This is a post from HackRead.com Read the
Google Report Spotlights Uptick in Controversial ‘Geofence Warrants’ by Police
Threat Post – Digital privacy rights defenders contend that geofencing warrants grab data on everyone near a crime, without cause. Newly released data by Google sheds light on a controversial
Acronis Offers up to $5,000 to Users Who Spot Bugs in Its Cyber Protection Products
Once available only to the cybersecurity community, Acronis has opened its bug-hunting program to the public and aims to double the total bounties paid. Read More: https://threatpost.com/acronis-bug-bounty-program/174849/
Cloud Security: Report Finds 68% of Malware Delivered From Cloud Apps
Security Intelligence – Cloud Security: Report Finds 68% of Malware Delivered From Cloud Apps Cloud apps are now the most common way digital attackers distribute malware. In the second quarter