Security

cerberus

A New Android Malware Called ‘Cerberus’ is Available for Renting

A new banking Trojan for Android is for sale right now, getting actively promoted on Twitter. The malware was written from scratch and features advanced obfuscation, anti-deletion, and anti-analysis systems. Right...
Windows_building

Researcher Demonstrates How to Exploit a 20-Year-Old Windows Vulnerability

A Google researcher has disclosed a 20-year-old bug that plagues all Windows versions since XP. The researcher demonstrated that it’s possible to gain system privileges and bypass UIPI. Microsoft ignored his...
Netgear_Router

Back to Back Malware Campaigns Targeting Routers and IoT Devices

TrendMicro notices back to back malware campaigns targeting the same networks. The actors are trying to find their way in the target networks by deploying a wide range of new malware variants....
steam_locomotive

Valve Fixes Zero-Day Flaw in Steam That Allows Privilege Escalation Attacks

Valve fixed a Steam privilege escalation zero-day that they first deemed as “non-applicable” and “out of scope”. The hacker who reported the flaw to them thinks that the fix isn’t really effective,...
ransomware

Troldesh Ransomware Infecting Victims via Compromised Websites

Malicious actors are leveraging compromised URLs to infect victims with Troldesh ransomware. The particular software is most likely to be detected by AV tools, but not always. The actors are using...
canon_camera

DSLR Cameras Are Vulnerable to Ransomware Attacks via WiFi

Researchers present a novel way to perform a successful ransomware attack against DSLR cameras. The method involves the PTP functionality that is there to help send photos from the device to a...
old_sneakers

StockX Breach Information Details Published on ‘Have I Been Pwned’

StockX breach data uploaded onto HIBP, so go ahead and check if you’re included. Customers lost their names, hashed passwords, email addresses, but no payment data. It took the company more...
broadcom_chip

Broadcom Finally Acquires Symantec’s Enterprise Security Assets for $10.7 Billion

Broadcom and Symantec agreed on a new kind of deal, concerning the vital security assets of the latter. Broadcom has now bought the specific sector that they were interested in, profoundly strengthening...
avaya

Researchers Find Ten Year Old Vulnerability on Avaya Deskphone

McAfee researchers have discovered a severe RCE flaw on Avaya’s H.323 firmware. The security flaw affects a wide range of IP deskphone devices, allowing audio exfiltration. The component that introduces the...
leak

Leadership for Educational Equity Leaks Out Data of 3.7 Million Members

A non-profit organization dedicated to the support of disadvantaged individuals has leaked its members’ data. The leak occurred through an unprotected Elasticsearch database, but it is unknown if anyone accessed it. ...

Most Popular