Information Security News|Cyber Security|Hacking Tutorial

Hackers: We Will Remotely Wipe iPhones Unless Apple Pays Ransom

On: March 21, 2017

In: Important, Incidents, Malware, Mobile Security, Vulnerabilities

“I just want my money,” one of the hackers said. A hacker or group of hackers is apparently trying to extort Apple over alleged access to a large cache ofRead More →

Twitter app spams Fappening bait and Amazon surveys

On: March 21, 2017

In: Incidents, Vulnerabilities

With news of another so-called Fappening (nude photos of celebrities distributed without permission) doing the rounds, it was inevitable that scammers would look to take advantage. We’ve already seen message boardRead More →

The Polski-Vortex-Flotera Ransomware Connection

On: March 21, 2017

In: Malware

A malware author that loves Polish hip hop music appears to be behind the Polski, Vortex, and Flotera (spelled Ŧl๏tєгค) ransomware families that have made a small number of victimsRead More →

Moodle – Remote Code Execution

On: March 21, 2017

In: Vulnerabilities

The vulnerability (CVE-2017-2641) allows an attacker to execute PHP code at the vulnerable Moodle server. This vulnerability actually consists of many small vulnerabilities, as described further in the blog post. MoodleRead More →

Big Surprise: Chinese PUPs Deliver Backdoored Drivers

On: March 21, 2017

In: Malware

A driver secretly installed via PUPs packages for Chinese software contain backdoors enabling a third-party to load unsigned drivers or to execute code with higher privileges on a Windows machine.Read More →

Some Dark Web ‘Crackdowns’ Are Just Hot Air

On: March 20, 2017

In: Important, Incidents, Vulnerabilities

Law enforcement agencies across the world are targeting the dark web. Whether that’s through undercover buys of illegal weapons, or deploying malware to catch suspected pedophiles, cops have spent theRead More →

Cisco’s Investigation into Vault 7 Leak Uncovers 0-Day Affecting 318 Products

On: March 20, 2017

In: Vulnerabilities

Over 300 Cisco products are affected by a zero-day vulnerability Cisco discovered last week, and for which no patch is available at the time of writing. Cisco engineers discovered theRead More →

Attackers Leverage Excel, PowerShell and DNS in Latest Non-Malware Attack

On: March 20, 2017

In: Incidents, Malware, Vulnerabilities

Increasingly, cyberattackers have been leveraging “non-malware” attack methods to target vulnerable organizations. Recently, the Carbon Black Threat Research Team was alerted about such an attack by a partner’s incident responseRead More →

New (but Old) Technique Hijacks User Sessions on All Windows Versions

On: March 20, 2017

In: Important, Incidents, Malware, Vulnerabilities

A security researcher has detailed a way to log into any account on the same computer, even without knowing its password. The trick works on all Windows versions, doesn’t requireRead More →

Former IT Admin Accused of Leaving Backdoor Account, Accessing It 700+ Times

On: March 18, 2017

In: Incidents, Malware, Vulnerabilities

In another classic example of why you shouldn’t leaving your work laptop in the car, national security may have been compromised. An Oregon sportswear company is suing its former ITRead More →

Hackers: We Will Remotely Wipe iPhones Unless Apple Pays Ransom

Twitter app spams Fappening bait and Amazon surveys

The Polski-Vortex-Flotera Ransomware Connection

Moodle – Remote Code Execution

Big Surprise: Chinese PUPs Deliver Backdoored Drivers

Some Dark Web ‘Crackdowns’ Are Just Hot Air

Cisco’s Investigation into Vault 7 Leak Uncovers 0-Day Affecting 318 Products

Attackers Leverage Excel, PowerShell and DNS in Latest Non-Malware Attack

New (but Old) Technique Hijacks User Sessions on All Windows Versions

Former IT Admin Accused of Leaving Backdoor Account, Accessing It 700+ Times

How Hackers Intercept Mobile OTP and Calls Without ‘Hacking’ — The Shocking Power of SIM Boxes

TunnelCrack: Two serious vulnerabilities in VPNs discovered, had been dormant since 1996

How to easily hack TP-Link Archer AX21 Wi-Fi router

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

This Hidden Comet/Atlas AI Browser Flaw That Hackers Are Exploiting

How to Use Google’s OSS Rebuild: A New Open Source Software Supply Chain Security Tool

MFA? Irrelevant. CitrixBleed 2 Lets Hackers Take Over Without Logging In

MotW Bypassed: Zero Warning, Full Control – New WinRAR Flaw Silently Bypasses Windows Security

New Vulnerability in GCP Cloud Run Shows Why Least Privilege Isn’t Enough

Forget Metasploit: Inside Predator’s Zero-Click Advertising-Driven Phone Hacking System

How Hackers Intercept Mobile OTP and Calls Without ‘Hacking’ — The Shocking Power of SIM Boxes

13 Insanely Easy Techniques to Hack & Exploit Agentic AI Browsers

How to Use Google’s OSS Rebuild: A New Open Source Software Supply Chain Security Tool

Phishing 2.0: AI Tools Now Build Fake Login Pages That Fool Even Experts

How TokenBreak Technique Hacks OpenAI, Anthropic, and Gemini AI Filters — Step-by-Step Tutorial

Comparing Top 8 AI Code Assistants: Productivity Miracle or Security Nightmare. Can You Patent AI Code Based App?

No Login Required: How Hackers Hijack Your System with Just One Keystroke: utilman.exe Exploit Explained

How to Send DKIM-Signed, 100% Legit Phishing Emails — Straight from Google That Bypass Everything

A Malware That EDR Can’t See?If You Rely on Antivirus for Protection, Read This Before It’s Too Late!

Live Malware Code Mutation: How AI Generates Evasive Malware

Backdooring ATMs via Bootloader? These Hackers Showed It’s Still Possible in 2025”

How Lynx Ransomware Extorts Millions from U.S. Companies

A Malware That EDR Can’t See?If You Rely on Antivirus for Protection, Read This Before It’s Too Late!

Top 2 Malicious Python Packages You Must Avoid! Zebo-0.1.0 & Cometlogger-0.1

Cyber Security Channel

How to easily hack TP-Link Archer AX21 Wi-Fi router

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022