A cybercrime gang focused on Business Email Compromise (BEC) has started using coronavirus-themed scam emails in its attacks. While the Coronavirus is spreading worldwide cybercriminals and nation-state actors are launching COVID19-themed attacks on a global scale. Most of the attacks aimed at spreading malware to control victims’ computers and stealing sensitive data, but now a […]
Slack addressed a critical flaw within 24 hours from its disclosure, the issue allowed attackers to carry out automate account takeover. The researcher Evan Custodio discovered a critical vulnerability in Slack that could have allowed attackers to launch automate account takeover. Slack addressed the vulnerability within 24 hours it was reported by the researcher, the […]
Tor Project maintainers warned users about a severe flaw in the Tor browser that may execute JavaScript code on sites it should not. The Tor Project announced a major bug in the Tor browser that may cause the execution of JavaScript code on sites for which users have specifically blocked JavaScript. The development team at […]
A cyber attack hit one of the major COVID-19 testing laboratories in Czech, the Brno University Hospital in the city of Brno. While the Coronavirus (COVID-19) is spreading on a global scale, crooks and nation-state actors are launching Coronavirus-themed attacks against targets worldwide. The healthcare systems of any country are under pressure, for this reason, […]
European authorities dismantled two cybercrime organizations responsible for stealing millions through SIM hijacking. European authorities managed to dismantle the operations of two cybercrime gangs responsible for stealing millions through SIM hijacking. In SIM hijacking attacks (aka SIM swapping attacks) crooks are able to port the phone number of the victims to a new SIM card […]
VMware has fixed three serious flaws in its products, including a critical issue in Workstation and Fusion that allow code execution on the host from guest. VMware has addressed three serious vulnerabilities in its products, including a critical flaw in Workstation and Fusion that could be exploited to execute code on the host from guest. […]
In the last weeks, security experts reported many Coronavirus-themed attacks carried out by cybercrime gangs, now experts warn of similar attacks from nation–state actors. Recently security experts reported many Coronavirus-themed attacks carried out by cybercrime gangs, but now experts are warning of similar attacks launched by nation-state actors. State-sponsored hackers from Russia, China, and North […]
Flaws in the Popup Builder WordPress plugin could allow unauthenticated attackers to inject malicious JavaScript code into popups of 100K+ websites. The Popup Builder WordPress plugin is affected by security flaws that could be exploited by unauthenticated attackers to inject malicious JavaScript code into popups displayed on websites using it. More than 100,000 websites are […]
The Russia-linked APT group Turla employed two new pieces of malware in attacks launched over a period of roughly two months in the fall of 2019. The Russia-linked APT group Turla employed two new pieces of malware in attacks launched over a period of roughly two months in the fall of 2019. The Turla APT group (aka Snake, Uroburos, Waterbug, Venomous […]
Flaws Riddle Zyxelâs Network Management Software Experts have found tens of security vulnerabilities in Zyxel Network Management Software, including backdoors and hardcoded SSH keys. Security researchers Pierre Kim and Alexandre Torres have discovered several vulnerabilities Zyxel Cloud CNM SecuManager software that could expose users to cyber attacks. The Zyxel Cloud CNM SecuManager is a comprehensive […]