Did You Also Get a ‘Real’ Phishing Email From GitHub.com?
Imagine getting an email straight from GitHub’s own notification system: the same one you've trusted for years.Would you even think...
hacking
21,000 U.S. driver licenses up for sale on hacker forum after data breach
A threat actor has put up over 21,000 U.S. driver licenses for sale on a hacker forum after a data...
Data of 500,000 Betway gambling customers being allegedly sold on hacker forum
This month, Security Report has come across a hacker forum thread in which a seller claims to sell details of...
Feds arrest Romanian malware actors behind CyberSeal and Dataprotector
In a joint effort led by international law enforcement agencies, including the U.S. FBI, Europol, and the Romanian police, a...
DoS flaw lets attackers crash NodeJS apps via DNS lookups
This week, NodeJS project has released fixes for a DoS vulnerability, CVE-2020-8277, that could be triggered via DNS requests. An...
‘Verified’ Twitter account of cURL dev hacked, renamed to ‘Elon Musk’ in Bitcoin scam
The Twitter account of Daniel Stenberg, creator of the cURL software project has been hacked. Hackers have renamed the "verified"...
Lacework tracks Moobot: botnet that targets vulnerable Docker APIs
There is an abundance of Mirai-based botnets in the wild however “Moobot”, which targets vulnerable Docker APIs, recently showed up...
Bug bounty programs don’t always pay up: researchers
Bug bounty platforms have filled a genuine need by connecting security researchers and pen-testers with products vendors in a manner...
Telegram app used by malware to infiltrate online stores
An ongoing trend observed by cybersecurity analysts and malware researchers reveals Telegram messaging service is being abused by malware authors...
Can a Windows wallpaper really hijack your Microsoft account password?
This month security researcher bohops demonstrated a credential harvesting trick that uses Windows theme files. Setting a Windows wallpaper location to a...