Fake VPN Website Spreads Vidar and CryptBot Trojans
A new malicious website is pushing a re-branded version of VPN Pro which downloads Trojans.
The payloads are either Vidar or CryptBot, depending on the campaign that’s currently active.
People should...
Ransomware Attack Cripples Data Center Provider ‘CyrusOne’
CyrusOne was hit by REvil, and the company is working towards restoration without paying.
The ransomware actors found their way in six New York-based data centers, affecting an equal number of clients....
The Lazarus Group Turns its Attention to Apple Users With a New MacOS Trojan
A new two-stage malware from the Lazarus group is going after crypto-coin exchanges.
The malicious software was developed to trick macOS users, and it can currently bypass detection on most AV tools....
A Sprint Contractor Has Exposed 261,300 US Cell Phone Bills via an Unprotected Database
A marketing company called “Deardorff Communications” has exposed personal data of thousands of cell phone users.
The data that was left unprotected online includes names, addresses, numbers, and even PINs.
The involved...
Heroku PaaS Cloud Service Hosting Web Skimmers and Stolen Data
Heroku cloud hosting service contained several pieces of card skimming code and stolen card data.
The platform removed these immediately upon notification, but the policies for free users remain the same.
...
New ‘StrandHogg’ Android Vulnerability Being Under Active Exploitation
StrandHogg is a new malware for the Android platform, which can operate as powerful spyware.
The malware is tricking the user with permission requests that are made to look like they come...
SafeBreach Unveils Another Three Vulnerable Security Products
Kaspersky, Autodesk, and Trend Micro in the spotlight again for severe privilege escalation vulnerabilities.
Researchers from SafeBreach discovered that some of their products are lacking DLL validation.
The software vendors have...
TrueDialog Exposed Millions of SMS Messages in Unprotected Database
More than 100 million customers of TrueDialog had their highly sensitive data exposed.
The company left one of their databases unprotected and accessible to anyone online.
The implications of the exposure...
The Data of 20 Million Mixcloud Users Are For Sale on the Dark Web
Mixcloud suffered an undisclosed data breach earlier in the month, and the stolen data is now for sale.
The seller lists usernames, email addresses, IP addresses, and hashed passwords that are hard...
Jack Kudale, Cowbell Cyber CEO – On Cyber Insurance, Cybersecurity, and Cyber Risks
With security risks coming left and right for companies across the world, a new industry has grown in recent years - cyber insurance. Basically, companies have their risks assessed and then they can get...
