Security Report

Steam gamers: your Windows PC is prone to privilege escalation attacks 2 min read

• News
• Security

Steam gamers: your Windows PC is prone to privilege escalation attacks

Ax Sharma November 25, 2020

Multiple privilege escalation vulnerabilities in Stream gaming service that remain unpatched can make it easy for malware and malicious threat actors to gain persistence and escalate permissions on Windows systems.... Read More

Canadian government site canada.gc.ca SSL certificate expires, breaks links 4 min read

• News
• Security

Canadian government site canada.gc.ca SSL certificate expires, breaks links

Ax Sharma November 21, 2020

Government of Canada website canada.gc.ca is throwing SSL errors due to an expired certificate. Multiple Canadian government sites continue to have links to this older site which are now breaking.... Read More

Mitsubishi companies hit by cyber attack, ransomware 2 min read

• Breaches
• News

Mitsubishi companies hit by cyber attack, ransomware

Ax Sharma November 21, 2020

Mitsubishi Electric and sister companies such as Mitsubishi Polycrystalline have been hit by cyberattacks, including ransomware... Read More

Feds arrest Romanian malware actors behind CyberSeal and Dataprotector 2 min read

• Cybercrime
• News

Feds arrest Romanian malware actors behind CyberSeal and Dataprotector

Ax Sharma November 21, 2020

In a joint effort, international law enforcement authorities including the FBI, Europol, and the Romanian police have arrested a hacker duo that sold malware encryption tools.... Read More

DoS flaw lets attackers crash NodeJS apps via DNS lookups 1 min read

• News
• Security

DoS flaw lets attackers crash NodeJS apps via DNS lookups

Ax Sharma November 20, 2020

NodeJS has released fixes for CVE-2020-8277, a DoS vulnerability that could be triggered via DNS requests.... Read More

Drupal fixes critical Remote Code Execution vulnerability, patch now 2 min read

• News
• Security

Drupal fixes critical Remote Code Execution vulnerability, patch now

Ax Sharma November 20, 2020

Development team behind Drupal, a popular CMS and blogging platform has issued patches for a remote code execution vulnerability, CVE-2020-13671.... Read More

Chaes malware strikes Latin American e-commerce sites 2 min read

• Malware
• News

Chaes malware strikes Latin American e-commerce sites

Ax Sharma November 19, 2020

Researchers from the Cybereason Nocturnus Team have been keeping tabs on an undetected malware known as “Chaes.” The malware discovered sometime between mid-2020 and now... Read More

2021 security predictions from HackerOne’s top ethical hackers 4 min read

• Business
• News

2021 security predictions from HackerOne’s top ethical hackers

Ax Sharma November 18, 2020

HackerOne's top security researchers and ethical hackers provide their take on what security trends to expect in 2021.... Read More

‘CursedGrabber’ Discord malware possibly linked to Russian and Ukrainian hackers 3 min read

• Cybercrime
• Malware
• News

‘CursedGrabber’ Discord malware possibly linked to Russian and Ukrainian hackers

Ax Sharma November 18, 2020

Newly discovered Discord malware "CursedGrabber" has possible links to Russia and Ukraine. It was found infiltrating the npm open source registry.... Read More

Insomnia Cookies exposes database passwords, then quietly fixes the leak 2 min read

• News

Insomnia Cookies exposes database passwords, then quietly fixes the leak

Ax Sharma November 17, 2020

American bakery company remembered sweetly for its late-night warm cookie trucks and shops on college campuses was caught leaking sensitive data on its website.... Read More