How public safety systems can be abused by nation state actors
Open systems, open data, and open-source software provide a means to promote greater transparency, public trust, and user participation. But what happens when adversaries can... Read More
security
Behind an entire catalogue of malicious Chrome extensions? Allegedly, a domain registrar
It is not unusual for malware to use malicious C&C servers and domains. However, what we learn this week is something entirely different, sinister and... Read More
Hacking the antivirus: BitDefender remote code execution vulnerability
What happens when the very antivirus designed to keep you and your organization safe becomes a threat vector for the attackers to exploit? Yesterday, I... Read More
‘BlueLeaks’: data from over 200 police departments exposed in a massive leak
A group that goes by the name Distributed Denial of Secrets (DDoSecrets) has published 269 GB worth of data with hundreds of documents, images and... Read More
NETGEAR routers vulnerable to “root” code execution, no patch yet
In a recently released vulnerability disclosure from d4rkn3ss from VNPT ISC as well as Adam Nichols of GRIMM, we learn of an unpatched vulnerability impacting... Read More
Operation In(ter)ception targeted European Space and Military Companies via LinkedIn
In a new report published by ESET’s researchers, we learn of Operation In(ter)ception which heavily targeted aerospace and military organizations. “To compromise their targets, the... Read More
Major U.S. companies face network disruptions: some blame DDoS attacks
Yesterday, reports emerged of widespread network outages across major U.S. telecoms and companies like T-Mobile, Instagram, Comcast, and Chase Bank. According to a tweet by... Read More
Indian hacker-for-hire firm wanted by FBI targeted ExxonMobil and others
Last week we reported on CloudEyE which was a legitimate Italian business helping hackers with spreading malware. Now, Citizen Lab has unveiled a major... Read More
WordPress Block Editor could let even most basic users exploit XSS vulns!
WordPress 5.4.2 release announcement stated the update shipped with multiple fixes for Cross-Site Scripting (XSS) vulnerabilities. Out of this the most significant fix is... Read More
Patient video consultations leaked in medical data breach: Babylon Health UK
In an a unfortunate incident, video consultants of some patients using the Babylon Health app were leaked to other users of the app. It... Read More
Sea Turtle Cyber Espionage Campaign Targets Telecommunication and IT Companies in the Netherlands 
Rogue WordPress plugin: Threat hunters uncover credit card skimming campaign targeting e-commerce sites 
Albanian Parliament and telco ‘One Albania’ suffer cyber attacks 
Carbanak Banking Malware Resurfaces with Updated Tactics in Ransomware Attacks
Share this: