Security
Android barcode scanner app exposes user passwords
An Android app with over 100k Google Play downloads and a 4.5-star average rating has let an open instance go unchecked, leaving sensitive user data up for grabs.
Read more about Android barcode scanner app exposes user passwords
Hackers breach US Government agencies running end-of-life software
Malicious actors have hacked two governmental servers running end-of-life software. The US cybersecurity agency CISA warns that cybercriminals are exploiting a vulnerability in discontinued Adobe ColdFusion versions and urges users to upgrade.
Read more about Hackers breach US Government agencies running end-of-life software
Thai threat actor named after folklore spirit
A new threat actor has been spotted going after telecommunications targets in Thailand. It has been named Krasue by Group-IB, the analyst that spotted it.
Read more about Thai threat actor named after folklore spirit
Holiday shoppers face increased risk of cyberattacks
Almost 30% of cyberattacks fall on retail, putting shoppers hunting for holiday deals at risk, security experts have warned.
Read more about Holiday shoppers face increased risk of cyberattacks
Green Card Lottery agency exposes applicants’ data
Thousands of applicants for the Diversity Immigrant Visa Program, widely known as Green Card Lottery, got their private data leaked by the US GREEN CARD OFFICE LIMITED (USGCO), a limited liability company registered in the UK that helps to prepare the documents, the Cybernews research team has found.
Read more about Green Card Lottery agency exposes applicants’ data
Adobe’s InDesign exploited in new wave of phishing attacks
Hackers are getting creative, literally, by utilizing Adobe’s popular graphic design program, InDesign, to target corporations in the latest surge of phishing attacks, new research shows.
Read more about Adobe’s InDesign exploited in new wave of phishing attacks
Beware: predatory Android loan apps spy, harass, and blackmail users
Deceptive loan apps charging excessive interest rates can also be malicious. SpyLoan apps circumvent Google Play requirements to track their users’ data and then use it to blackmail them.
Read more about Beware: predatory Android loan apps spy, harass, and blackmail users
Apple’s Lockdown Mode not a failsafe protection
The iOS protective function can be a useful preventative measure against cyberattacks, but even Lockdown can be leveraged if a device is compromised.
Read more about Apple’s Lockdown Mode not a failsafe protection
Angel Cabal Noriega, GameChampions: “casual gamers are the real champions of the esports multi-billion dollar industry”
Most people may not realize how popular the esports gaming industry is getting. At one time, professional and elite gamers...
Read more about Angel Cabal Noriega, GameChampions: “casual gamers are the real champions of the esports multi-billion dollar industry”
Net tightens around Iranian water hackers
The digital location from where an Iran-backed group launched a cyberattack on a US water facility in Pennsylvania may have been uncovered by SecurityScorecard.
Read more about Net tightens around Iranian water hackers
GST Invoice Billing Inventory exposes sensitive data to threat actors
A business accounting app for small and medium businesses with over 1M downloads has left a database open, exposing sensitive personal and corporate data up for grabs.
Read more about GST Invoice Billing Inventory exposes sensitive data to threat actors
Russian state-sponsored hackers exploiting Outlook vulnerability, Microsoft warns
Microsoft is urging Outlook users to patch and update their systems to mitigate a new threat from Russia. Hackers associated with the Kremlin’s military intelligence agency GRU are exploiting the vulnerability to access victim’s emails.
Read more about Russian state-sponsored hackers exploiting Outlook vulnerability, Microsoft warns
The future of phone scams: bots that sound like your loved ones
Every fifth unknown call in the US is spam. Despite a meager success rate, millions fall victim to fraudsters due to the sheer volume of attempts. Now, scammers have a dangerous new innovation that will make them even more productive and convincing.
Read more about The future of phone scams: bots that sound like your loved ones
23andMe hack explained: 0.1% of accounts unlocked the data of millions
After millions of users had their ancestry data exposed online, 23andMe’s investigation revealed that hackers accessed only “a very small percentage” of accounts to scrape user data.
Read more about 23andMe hack explained: 0.1% of accounts unlocked the data of millions
Bluetooth connections no longer private with new BLUFFS attacks
Bluetooth, a low-power wireless technology connecting our devices, has a new vulnerability to iron out. Attackers in the middle could easily snoop on your communications using a new BLUFFS attack.
Read more about Bluetooth connections no longer private with new BLUFFS attacks
South Korea and Uzbekistan hit by new malware
An offshoot of Gh0stRat malware is being used to target institutions in Uzbekistan and South Korea, says Cisco Talos.
Read more about South Korea and Uzbekistan hit by new malware
Hacktivism and its impacts on mental health
I get it. Like me, you’re wired in. Maybe your vice is social media or gaming. Perhaps you’re an Infosec researcher, or a hacker, or OSINT investigator. Whatever your function is, what began as a romance with technology ultimately evolves into a bitter love/hate relationship, taking a toll on your emotions and your overall psychological well-being.
Read more about Hacktivism and its impacts on mental health
Fortune-telling website exposes 13M+ user records
WeMystic, a website on astrology, numerology, tarot, and spiritual orientation, left an open database exposing 34GB of sensitive data about the platforms' users.
Read more about Fortune-telling website exposes 13M+ user records