Mirai and Gafgyt, two of the best known IoT botnets, have forked once again, but the new variants peek at the corporate sector for creating or replenishing their denial-of-service resources for distributed attacks. | Continue reading
A Czech court recently sentenced two hackers to three years in prison for accessing Vodafone customer's mobile accounts and use them to purchase 600,000 Czech Koruna worth of gambling services. Vodafone reportedly wants the hacked victim's to pay for these charges as they were us … | Continue reading
Malware developers have started to use the zero-day exploit for Windows Task Scheduler component, two days after proof-of-concept code for the vulnerability appeared online. | Continue reading
The US continues to be the top country hosting domains that serve web-based threats and, and the main source for exploit kits on a global level, according to new research. | Continue reading
Although there is nothing special about code executing on a machine, when this code is executed is a significant detail from a security standpoint. | Continue reading
Microsoft has started testing a new feature for the Microsoft To-Do that simply makes sense on a touch-enabled device like Surface Go. Currently available for the Insiders, the updated Microsoft To-Do app allows users to create notes using a pen like the Surface Pen. | Continue reading
Attackers compromising MikroTik routers have configured the devices to forward network traffic to a handful of IP addresses under their control. | Continue reading
Scammers can collect highly sensitive information about a company's activity, employees, and clients, even if after it shuts down, a cybersecurity expert warns. | Continue reading
According to a new project uploaded to the Chromium team's code review site, users may soon be able to login into Windows 10 using their Google G Suite accounts. This new feature uses a "Google Credential Provider" that will allow Windows to authenticate enterprise users against … | Continue reading
Some PC owners may need to apply motherboard firmware updates in the near future to address two attacks on TPM chips detailed earlier this month by four researchers from the National Security Research Institute of South Korea. | Continue reading
Four years after its public disclosure, the Misfortune Cookie vulnerability continues to be a threat, this time affecting medical equipment that connects bedside devices to the hospital's network infrastructure. | Continue reading
A new malspam campaign is underway that pretends to be shipping documents and contains an attachment that installs the DarkComet remote access Trojan. When DarkComet is installed, the malware has the ability to log your keystrokes, application usage, take screenshots, and more, w … | Continue reading
A hacker is selling the personal details of over 130 million hotel guests for 8 Bitcoin ($56,000) on a Chinese Dark Web forum. | Continue reading
On August 21st, Microsoft released an update to the May KB4100347 Intel microcodes for Windows 10 & Windows Server 2016. After installing this latest version, Windows users are reporting that they are unable to boot Windows 10 or are having performance issues. To complicate the i … | Continue reading
A security researcher has published on Twitter details about a vulnerability in the Windows OS. The vulnerability is a "local privilege escalation" issue that allows an attacker to elevate the access of malicious code from a limited USER role to an all-access SYSTEM account. | Continue reading
Google security researchers have revealed this week that the immensely popular Fortnite Android app is vulnerable to so-called man-in-the-disk (MitD) attacks. | Continue reading
If you are having trouble keep tracking of site's that are considered reputable news sources verses ones that are not, a new browser extension from NewsGuard may be of help. | Continue reading
Using regular microphones, academic researchers managed to pick up acoustic signals from computer displays and determine in real time the type of content on the screen. | Continue reading
T-Mobile USA announced a security breach late last night. The company says its cyber-security team discovered and shut down unauthorized access to its customers' data on Monday, August 20. | Continue reading
Felix Rieseberg, a software engineer at Slack has released Windows 95 as an app for Windows, Mac or Linux. It's a 100MB Electron app that you can install and run on Windows, Mac or even Linux computers. | Continue reading
Restaurants in 23 states are on the list of Cheddar Scratch Kitchen locations affected by a cyberattack that exposed payment card information. | Continue reading
Lazarus Group, the North Korean hackers who hacked Sony Films a few years back, have deployed their first Mac malware ever, according to Russian antivirus vendor Kaspersky Lab. | Continue reading
Full contact information of everyone attending the BlackHat security conference this year has been exposed in clear text, a researcher has found. The data trove includes name, email, company, and phone number. | Continue reading
A vulnerability affects all versions of the OpenSSH client released in the past two decades, ever since the application was released in 1999. | Continue reading
Security researchers have uncovered a new supply chain attack that targets organizations in South Korea. The threat actor chooses the victims selectively, based on an IP range for groups of interest. | Continue reading
A research paper presented at the Usenix security conference last week detailed a new technique for retrieving encryption keys from electronic devices, a method that is much faster than all previously known techniques. | Continue reading
A severe issue was addressed on Monday, an issue that under certain conditions could be used to expose the private keys for TLS certificates used by companies running their infrastructure on cloud servers. | Continue reading
The makers of Sitter, a popular app for connecting babysitters with parents, have involuntarily exposed the personal details of over 93,000 users. | Continue reading
A new ransomware strain named Ryuk is making the rounds, and, according to current reports, the group behind it has already made over $640,000 worth of Bitcoin. | Continue reading
Microsoft revealed last night that it successfully disrupted a hacking campaign associated with the Russian military intelligence service GRU. | Continue reading
Support for end-to-end encrypted chats has landed in the stable versions of Skype for Windows, macOS, Linux, Android, and iOS. | Continue reading
Several security experts have built a malicious version of a USB charging cable, one that can compromise a computer in just a few seconds. Once plugged in, it turns into a peripheral device capable of typing and launching commands. | Continue reading
Security researchers have discovered a new exploitation technique that they say can bypass the kernel protection measures present in the Windows operating systems. | Continue reading
Twitch is warning users of a bug in one of its recently retired features that may have exposed some of their messages to other users. | Continue reading
For Windows Insiders in the Skip Ahead ring, Microsoft has renamed their Windows 10 Screen Sketch app to Snip & Sketch. This new build is not available to users running Windows 10 April 2018 Update or the latest Windows 10 Preview build 17741. | Continue reading
The number of tracking cookies on EU news sites has gone down by 22% according to a report by the Reuters Institute at the University of Oxford, who looked at cookie usage across EU news sites in two phases, in April 2018 and July 2018, pre and post the introduction of the new EU … | Continue reading
HackNotice is a service that is designed to alert you when your information has been disclosed in leaked data breaches from hacked sites. HackNotice does this by collecting leaked information from data breaches and compiling it into a database that can be used to determine if yo … | Continue reading
A vulnerability in the VBScript engine has been used by hackers working for North Korea to compromise systems targeted by the Darkhotel operation. | Continue reading
The Chinese government may use a collection of 300 so-called "national cybersecurity standards" to deter or sabotage the efforts of foreign tech firms trying to enter the Chinese market. | Continue reading
Social engineering is the use of deception to manipulate individuals into disclosing sensitive information that may be used to compromise a network, infiltrate an organization, gain access to trade secrets, or in furtherance of an espionage operation. In this article we look at w … | Continue reading
Mozilla removed today 23 Firefox add-ons that snooped on users and sent data to remote servers, a Mozilla engineer has told Bleeping Computer today. | Continue reading
A trio of academics from the University of Florida has developed a device that can detect different types of payment card skimmers —devices developed by cyber-criminals to collect data from credit and debit cards inserted inside ATMs or gas pump card readers. | Continue reading
Security researchers from Proofpoint have discovered a new malware strain that they named Marap and which is currently distributed via massive waves of spam emails carrying malicious attachments (malspam). | Continue reading
Maintainers behind the Linux kernel have rolled out patches in the past weeks for two bugs that are just ideal for causing havoc via DDoS attacks. | Continue reading
Security and user privacy protections included in browsers, ad blockers, and anti-tracking extensions are not as secure as everyone believes, a team of three academics from the Catholic University in Leuven, Belgium (KU Leuven) have revealed yesterday. | Continue reading
Google has patched a vulnerability in the Chrome browser that allows an attacker to retrieve sensitive information from other sites via audio or video HTML tags. | Continue reading