10 Hours Ago A team of cybersecurity researchers from the University of New Haven yesterday released a video demonstrating how vulnerabilities that most programmers often underestimate could have allowed hackers to evade privacy and security of your virtual reality experience as well as the real world.
Yesterday Exclusive — A security researcher has identified an unsecured server that was leaking detailed personal details of nearly half a million Indian citizens... thanks to another MongoDB database instance that company left unprotected on the Internet accessible to anyone without password.
4 Days Ago It's 2019, and just clicking on a specially crafted URL would have allowed an attacker to hack your Facebook account without any further interaction. A security researcher discovered a critical cross-site request forgery (CSRF) vulnerability in the most popular social media platform that could have been allowed attackers to hijack Facebook accounts by simply tricking the targeted users into
7 Days Ago How do you check if a website asking for your credentials is fake or legit to log in? By checking if the URL is correct? By checking if the website address is not a homograph?
9 Days Ago Ubuntu and some other Linux distributions suffer from a severe privilege escalation vulnerability that could allow a local attacker or a malicious program to obtain root privileges and total control over the targeted system.
10 Days Ago Microsoft has issued its second Patch Tuesday for this year to address a total of 77 CVE-listed security vulnerabilities in its Windows operating systems and other products, 20 of which are rated critical, 54 important and 3 moderate in severity.
10 Days Ago Welcome back! Adobe has today released its monthly security updates to address a total of 75 security vulnerabilities across its various products, 71 of which resides in Adobe Acrobat and Reader alone.
10 Days Ago A serious security vulnerability has been discovered in the core runC container code that affects several open-source container management systems, potentially allowing attackers to escape Linux container and obtain unauthorized, root-level access to the host operating system.
10 Days Ago A malicious Windows EXE file can even infect your Mac computer as well. Yes, you heard me right — a .exe malware on macOS. Security researchers at antivirus firm Trend Micro have discovered a novel way hackers are using in the wild to bypass Apple's macOS security protection and infect Mac computers by deploying malicious EXE files that normally run only on Windows computers.
17 Days Ago With so many data breaches happening almost every week, it has become difficult for users to know if their credentials are already in possession of hackers or being circulated freely across the Internet.
17 Days Ago QuadrigaCX, the largest bitcoin exchange in Canada, has claimed to have lost CAD 190 million (nearly USD 145 million) worth of cryptocurrency after the exchange lost access to its cold (offline) storage wallets.
21 Days Ago Many of you might have this question in your mind: "Is it illegal to test a website for vulnerability without permission from the owner?" Or… "Is it illegal to disclose a vulnerability publicly?" Well, the answer is YES, it’s illegal most of the times and doing so could backfire even when you have good intentions.
21 Days Ago Mac users need to beware of a newly discovered piece of malware that steals their web browser cookies and credentials in an attempt to withdraw funds from their cryptocurrency exchange accounts.
22 Days Ago European airplane maker Airbus admitted yesterday a data breach of its "Commercial Aircraft business" information systems that allowed intruders to gain access to some of its employees' personal information.
23 Days Ago Late last year when an unknown group of hackers stole secret access tokens for millions of Facebook accounts by taking advantage of a flaw in its website, the company disclosed the incident and informed its affected users.
24 Days Ago Have you ever lost your important files, like memories or official documents, accidentally or maliciously? Adding more... when you even do not have any backup for the same.
24 Days Ago In an international operation involving law enforcement authorities from the U.S. and several European countries, feds have shut down an online underground marketplace and arrested three suspects in Ukraine.
25 Days Ago If the connectivity and security of your organization rely on Cisco RV320 or RV325 Dual Gigabit WAN VPN routers, then you need to immediately install the latest firmware update released by the vendor last week.
25 Days Ago A team at a robot cybersecurity startup has released a free, open-source tool for information security professionals to help them easily 'footprint' and detect unprotected robots, not only connected to the Internet, but also to the industrial environments where they operate.
29 Days Ago The French data protection watchdog CNIL has issued its first fine of €50 million (around $57 million) under the European Union's new General Data Protection Regulation (GDPR) law that came into force in May last year.
29 Days Ago Beware! If you have downloaded PHP PEAR package manager from its official website in past 6 months, we are sorry to say that your server might have been compromised.
32 Days Ago Since most security tools also keep an eye on the network traffic to detect malicious IP addresses, attackers are increasingly adopting infrastructure of legitimate services in their attacks to hide their malicious activities.
35 Days Ago Even after so many efforts by Google for preventing its Play Store from malware, shady apps somehow managed to fool its anti-malware protections and get into its service to infect Android users with malware.
37 Days Ago Magecart strikes again, one of the most notorious hacking groups specializes in stealing credit card details from poorly-secured e-commerce websites. According to security researchers from RiskIQ and Trend Micro, cybercriminals of a new subgroup of Magecart, labeled as "Magecart Group 12," recently successfully compromised nearly 277 e-commerce websites by using supply-chain attacks.
37 Days Ago A California-based Voice-Over-IP (VoIP) services provider VOIPO has accidentally left tens of gigabytes of its customer data, containing millions of call logs, SMS/MMS messages, and plaintext internal system credentials, publicly accessible to anyone without authentication.