Security

An Android app with over 100k Google Play downloads and a 4.5-star average rating has let an open instance go unchecked, leaving sensitive user data up for grabs.

Malicious actors have hacked two governmental servers running end-of-life software. The US cybersecurity agency CISA warns that cybercriminals are exploiting a vulnerability in discontinued Adobe ColdFusion versions and urges users to upgrade.

A new threat actor has been spotted going after telecommunications targets in Thailand. It has been named Krasue by Group-IB, the analyst that spotted it.

Almost 30% of cyberattacks fall on retail, putting shoppers hunting for holiday deals at risk, security experts have warned.

Thousands of applicants for the Diversity Immigrant Visa Program, widely known as Green Card Lottery, got their private data leaked by the US GREEN CARD OFFICE LIMITED (USGCO), a limited liability company registered in the UK that helps to prepare the documents, the Cybernews research team has found.

Hackers are getting creative, literally, by utilizing Adobe’s popular graphic design program, InDesign, to target corporations in the latest surge of phishing attacks, new research shows.

Deceptive loan apps charging excessive interest rates can also be malicious. SpyLoan apps circumvent Google Play requirements to track their users’ data and then use it to blackmail them.

The iOS protective function can be a useful preventative measure against cyberattacks, but even Lockdown can be leveraged if a device is compromised.

Most people may not realize how popular the esports gaming industry is getting. At one time, professional and elite gamers...

The digital location from where an Iran-backed group launched a cyberattack on a US water facility in Pennsylvania may have been uncovered by SecurityScorecard.

A business accounting app for small and medium businesses with over 1M downloads has left a database open, exposing sensitive personal and corporate data up for grabs.

Microsoft is urging Outlook users to patch and update their systems to mitigate a new threat from Russia. Hackers associated with the Kremlin’s military intelligence agency GRU are exploiting the vulnerability to access victim’s emails.

Every fifth unknown call in the US is spam. Despite a meager success rate, millions fall victim to fraudsters due to the sheer volume of attempts. Now, scammers have a dangerous new innovation that will make them even more productive and convincing.

After millions of users had their ancestry data exposed online, 23andMe’s investigation revealed that hackers accessed only “a very small percentage” of accounts to scrape user data.

Bluetooth, a low-power wireless technology connecting our devices, has a new vulnerability to iron out. Attackers in the middle could easily snoop on your communications using a new BLUFFS attack.

An offshoot of Gh0stRat malware is being used to target institutions in Uzbekistan and South Korea, says Cisco Talos.

I get it. Like me, you’re wired in. Maybe your vice is social media or gaming. Perhaps you’re an Infosec researcher, or a hacker, or OSINT investigator. Whatever your function is, what began as a romance with technology ultimately evolves into a bitter love/hate relationship, taking a toll on your emotions and your overall psychological well-being.

WeMystic, a website on astrology, numerology, tarot, and spiritual orientation, left an open database exposing 34GB of sensitive data about the platforms' users.