Joomla fixes ACL violation vulnerability after 2 years
The development team behind popular CMS Joomla which powers over 2.5 million sites has patched an access control violation vulnerability...
security
American Bank Systems slapped with class-action lawsuit for not timely disclosing ransomware data breach
This year, American Bank Systems (ABS) was hit with a ransomware attack as reported by Security Report, which the company...
Canadian government site canada.gc.ca SSL certificate expires, breaks links
If you head to https://canada.gc.ca right now, ideally it should redirect automatically to the newer canada.ca government domain. However, on...
2021 security predictions from HackerOne’s top ethical hackers
As 2020 comes to a close, top ethical hackers and researchers of HackerOne, a bug bounty and responsible vulnerability disclosure...
UK delivery company Whistl suffered data breach
Last month, UK delivery management company, Whistl suffered a data breach from a cyber attack. UK residents may be quick...
Newly spotted Ethereum vulnerabilities put $1 billion at stake
Researchers have discovered multiple vulnerabilities in Ethereum cryptocurrency this month that when exploited by attackers can have devastating consequences. These...
Palo Alto Networks researcher discovers Linux privilege escalation vulnerability
A privilege escalation vulnerability had been lurking in the Linux kernel all this time until being discovered by a Palo...
Office 365 phishing page evades detection using Google captcha
A newly discovered phishing campaign makes the recipient solve captchas in an effort to both add some legitimacy to itself...
Gravatar API lets you scrape millions of user profiles
Yesterday, I reported on BleepingComputer how Gravatar API makes it easy for web scrapers and bots to automatically enumerate Gravatar...
Telegram app used by malware to infiltrate online stores
An ongoing trend observed by cybersecurity analysts and malware researchers reveals Telegram messaging service is being abused by malware authors...