Security

photosquared

‘PhotoSquared’ Spilled the Bins of 100,000 iOS and Android Users

The 'PhotoSquared' app exposed billing and order details, as well as images of users who sent them for printing. The data stored in an online database was left unprotected for at least...
scam

AZORult Poses as a ProtonVPN Installer and Spreads via Malvertising

A fake ProtonVPN website is spreading the AZORult trojan on unsuspecting victims. The malware is capable of stealing login credentials and crypto coins from locally stored wallets. Malvertisers often use a...
firmware

Modern Laptops and Network Cards Still Using Unsigned Firmware

Hardware makers' unsafe firmware upgrade practices were again exposed by the Eclypsium researchers.  Many big names in the industry are not using firmware validation, so attackers could plant their own version anytime.  The...
FairBridge Hotel Logo

‘FairBridge Inn & Suites’ Unprotected Database Exposed 150,000 Customers

‘FairBridge Inn & Suites’ is the latest hotel chain to blunder by not setting up a password for their database. The franchise hasn’t provided any details about how long the database was...

An Evolved ‘Adwind RAT’ Campaign is Troubling Turkish Companies

Turkish companies are dealing with a new headache caused by actors who use Adwind RAT 3.0. The infection starts with a phishing email that fetches a malicious JAR file from a GitHub...
israeli forces hamas

Hamas Actors Hooked Israeli Soldiers on Dating Apps

Hamas hackers lured hundreds of Israeli soldiers into downloading malware on their phones. The hackers used stolen images of attractive women and sent messages on Facebook and Instagram. The apps collected information...
Fox kitten

Iranian Hackers Are Reportedly Weaponizing Published VPN Flaws in Hours

At least three Iranian APT groups combined forces to launch attacks against corporate networks. Named "Fox Kitten," this campaign was based on the exploitation of 1-day VPN flaws. The hackers were...
bluetooth

A Set of Bluetooth Flaws Named “SweynTooth” Affects Hundreds of Devices (Updated)

Researchers found 11 critical vulnerabilities that can lead to severe Bluetooth attacks. The attacks could crash the target device, force boot loops, or straight out take it over. Consumers are advised...
trojan

The Ginp Banking Trojan Returns with Fake Incoming SMS Tactics

Ginp can now generate SMS messages locally on the phone and spoof any sender and any content. While the numbers that are used are legitimate, the messages were never sent from them....
servers

The Institute of International Education Exposed Thousands of Students

IIE has left two MongoDB instances online without setting up a password to protect them. Thousands of students have had both their sensitive personal as well as their financial data exposed. ...

Most Popular