Bug bounty programs don’t always pay up: researchers
It is worth noting that critical exploits could sell on the darknet for far worth more than what a nominal bounty payout may entail. Earlier this year, a Zoom zero-day exploit was being sold for $500,000.... Read More
Ax Sharma
Ax Sharma is an Indian-origin British security researcher, journalist and TV subject matter expert with a focus on malware analysis and cybercrime investigations. His areas of interest include open source software security, threat intel analysis, and reverse engineering. Frequently featured by leading media outlets like the BBC, Channel 5, Fortune, WIRED, The Register, among others, Ax is an active community member of the OWASP Foundation and the British Association of Journalists (BAJ).
Palo Alto Networks researcher discovers Linux privilege escalation vulnerability
A privilege escalation vulnerability had been lurking in the Linux kernel all this time until being discovered by a Palo Alto Networks researcher last week.... Read More
5 virtual events to attend for Cybersecurity Awareness Month 2020
In the U.S., Cyber Security Awareness Month (NCSAM) is observed in the month of October. This is the time to get better equipped with cybersecurity... Read More
Office 365 phishing page evades detection using Google captcha
A newly discovered Microsoft Office 365 phishing campaign makes the recipient solve Google reCaptchas to both add some legitimacy to itself and evade detection systems.... Read More
Slack is down and lagging for users across the world
Popular workplace messaging app Slack is down for multiple users across the globe, or experiencing subpar performance.... Read More
Gravatar API lets you scrape millions of user profiles
Italian security researcher, Carlo Di Dato discovered that the hidden URL API routes as those shown below can allow a web scraper or bot to enumerate every single Gravatar profile and collect its public data.... Read More
Telegram app used by malware to infiltrate online stores
Telegram is being actively used by malware authors targeting e-commerce websites built on Prestashop, Magento and WooCommerce.... Read More
NodeJS malware caught exfiltrating IPs, username, and device information on GitHub
Multiple NodeJS packages laden with malicious code have been spotted on npm registry. These “typosquatting” packages served no purpose other than collecting data from the... Read More
Can a Windows wallpaper really hijack your Microsoft account password?
This month security researcher bohops demonstrated a credential harvesting trick that uses Windows theme files. Setting a Windows wallpaper location to a file present at a remote... Read More
A malware alert left hundreds of Bank of America customers panicking
Hundreds of Bank of America customers had trouble accessing their bank accounts yesterday due to Avast and AVG antivirus engines flagging the site as "malware."... Read More
Sea Turtle Cyber Espionage Campaign Targets Telecommunication and IT Companies in the Netherlands 
Rogue WordPress plugin: Threat hunters uncover credit card skimming campaign targeting e-commerce sites 
Albanian Parliament and telco ‘One Albania’ suffer cyber attacks 
Carbanak Banking Malware Resurfaces with Updated Tactics in Ransomware Attacks
Share this: