A team of Oxford and Cambridge researchers is the latest to join a chorus of voices sounding the alarm on a new attack vector named Intra-Library Collusion (ILC) that couldRead More →
Experts from security firm Kromtech discovered the Mexican VAT refund site MoneyBack exposed 400GB of sensitive information. Another huge data leak made the headlines, experts from security firm Kromtech discovered the Mexican VAT refundRead More →
Security researchers warned of a high-severity Android flaw on Thursday that stems from what they call a “toast attack” overlay vulnerability. Researchers say criminals could use the Android’s toast notification,Read More →
A member of the hacker group ‘Crackas With Attitude’ who hacked US intel officials has been sentenced to 5 years in jail. A member of the dreaded hacking crew Crackas With Attitude hasRead More →
A malware group is using Facebook’s CDN servers to store malicious files that it later uses to infect users with banking trojans. Researchers spotted several campaigns using Facebook’s CDN serversRead More →
Mobile security experts from Palo Alto Networks have detailed a new attack on Android devices that uses “Toast” notifications to help malware in obtaining admin rights or access to Android’sRead More →
Equifax reveals hackers recently stole all kinds of sensitive data from its servers. Hackers have stolen the personal details of 143 million people, including their names, social security numbers, birthRead More →
Voting machines used to tally and aggregate votes in multiple German states are vulnerable to a wide array of vulnerabilities that researchers say can be exploited to alter election resultsRead More →
Six scientists from Zhejiang University in China have discovered that they could use ultrasound frequencies — inaudible to human ears — to send commands to speech recognition software and takeRead More →
Samsung is the latest company that launches a bug bounty program, with the South Koreans paying as much as $200,000 to whoever discovers a critical software vulnerability that would makeRead More →
A group of experienced hackers — tracked under the name of CodeFork — have launched a new malware distribution campaign that uses advanced tools and new techniques to go undetectedRead More →
Malware developers can abuse a programming error in the Windows kernel to prevent security software from identifying if, and when, malicious modules have been loaded at runtime. The bug affectsRead More →
Cloud-based storage platforms have a history of cybercriminal abuse, from hosting malicious files and directly delivering malware to even making them part of a command-and-control (C&C) infrastructure. GitHub was misused thisRead More →
US cyber-security firm Symantec has issued a warning today against a group of nation-state hackers that have managed to infiltrate several US and European energy firms, and are now inRead More →
Lenovo has settled charges with the FTC and 32 state attorneys for shipping laptops preinstalled with the Superfish adware back in 2014 and 2015. According to a decision published onRead More →
Security researchers from lgtm.com have discovered a major remote code execution security flaw (CVE-2017-9805) in Apache Struts, which is a well-liked open-source framework created to develop internet purposes in theRead More →
An attacker can downgrade components of the Android TrustZone technology to older versions that feature known vulnerabilities and use older exploits against smartphones running an up-to-date operating system. According toRead More →
A bug discovered in an obscure PDF parsing library back in 2011 is also present in most of today’s top PDF viewers, according to German software developer Hanno Böck. TheRead More →
Deng Jiewei, from Guangdong, was charged with illegally selling programs known as virtual private networks (VPNs), according to court papers. VPNs are illegal in China because they let people avoidRead More →
The TrickBot banking trojan has added support for stealing funds stored in Coinbase.com accounts, according to a recent version spotted in a distribution campaign last week. The TrickBot banking trojanRead More →
