On Saturday, at around 8 pm (US Pacific coast), hackers have breached the LineageOS servers by exploiting an unpatched vulnerability. On Saturday, at around 8 pm (US Pacific coast), hackers have breached the LineageOS servers by exploiting an unpatched vulnerability. LineageOS is a free and open-source operating system for smartphones, tablet computers, and set-top boxes, […]
Phishing attacks impersonating notifications from Microsoft Teams targeted as many as 50,000 Teams users to steal Office365 logins. Abnormal Security experts observed two separate phishing attacks impersonating notifications from Microsoft Teams that targeted as many as 50,000 Teams users to steal Office365 logins. The popularity of Microsoft Teams has spiked as a result of the […]
French daily Le Figaro database accidentally exposed online, the archive included roughly 7.4 billion records containing personal information of employees and users. French daily newspaper Le Figaro exposed roughly 7.4 billion records containing personally identifiable information (PII) of employees, reporters, and at least 42,000 users. The database was discovered by the Safety Detectives team of […]
Oracle warns of attacks against recently patched WebLogic security bug Oracle warns of attacks in the wild exploiting a recently patched vulnerability in WebLogic servers for which a PoC code is available on GitHub. IT giant Oracle published a security alert to warn organizations running WebLogic servers of ongoing attacks that exploit the CVE-2020-2883 vulnerability. […]
COVID-19 disinformation and misinformation campaigns continue to proliferate around the world, with potentially harmful consequences for society. During a COVID-19 crisis, while most of the people have to maintain social distancing and work from home, threat cyber are attempting to conduct disinformation and misinformation campaigns. The main difference between misinformation and disinformation is that the […]
The development team oh the Ninja Forms WordPress plugin fixed a high severity security flaw that can let attackers take over websites. The developers behind the Ninja Forms WordPress plugin have addressed a Cross-Site Request Forgery (CSRF) vulnerability that could lead to Stored Cross-Site Scripting (Stored XSS) attacks. Ninja Forms is a drag and drop form builder plugin […]
Microsoft warns of a spike in malware spreading via pirate streaming services and movie piracy sites during the COVID-19 pandemic. With most people forced to stay at home due to the ongoing COVID-19 pandemic, the popularity of pirate streaming services and movie piracy sites is rocketed. Crooks are attempting to take advantage of COVID-19 pandemic […]
Group-IB uncovered a new sophisticated phishing campaign, tracked as PerSwaysion, against high-level executives of more than 150 companies worldwide. Group-IB, a Singapore-based cybersecurity company, has identified a series of sophisticated successful phishing attacks against the management and executives of more than 150 companies around the world. The campaign, dubbed PerSwaysion due to the extensive abuse […]
Security researchers from Check Point Research Team discovered critical vulnerabilities in three popular e-learning plugins for WordPress sites. Security researchers at Check Point Research Team are warning of recently discovered vulnerabilities in some popular online learning management system (LMS) WordPress plugins. The impact could be serious because these WordPress plugins are used for WordPress sites […]
The number of RDP brute-force attacks is skyrocketing in mid-March due to remote working imposed during the COVID-19 pandemic. Researchers from Kaspersky Lab are observing a significant increase in the number of RDP brute-force attacks since the beginning of the COVID-19 pandemic. Earlier this month, researchers from Shodan reported a 41% increase in the number of RDP […]