SaltStack has publicly disclosed 3 vulnerabilities that had been impacting Salt instances for some time. Two of these have been rated as High or Critical.... Read More
Security
There is an abundance of Mirai-based botnets in the wild however “Moobot”, which targets vulnerable Docker APIs, recently showed up on our radar. This blog... Read More
It is worth noting that critical exploits could sell on the darknet for far worth more than what a nominal bounty payout may entail. Earlier this year, a Zoom zero-day exploit was being sold for $500,000.... Read More
A privilege escalation vulnerability had been lurking in the Linux kernel all this time until being discovered by a Palo Alto Networks researcher last week.... Read More
A newly discovered Microsoft Office 365 phishing campaign makes the recipient solve Google reCaptchas to both add some legitimacy to itself and evade detection systems.... Read More
Italian security researcher, Carlo Di Dato discovered that the hidden URL API routes as those shown below can allow a web scraper or bot to enumerate every single Gravatar profile and collect its public data.... Read More
Telegram is being actively used by malware authors targeting e-commerce websites built on Prestashop, Magento and WooCommerce.... Read More
Multiple NodeJS packages laden with malicious code have been spotted on npm registry. These “typosquatting” packages served no purpose other than collecting data from the... Read More
This month security researcher bohops demonstrated a credential harvesting trick that uses Windows theme files. Setting a Windows wallpaper location to a file present at a remote... Read More
Hundreds of Bank of America customers had trouble accessing their bank accounts yesterday due to Avast and AVG antivirus engines flagging the site as "malware."... Read More
