The security researcher Dhiraj Mishra (@mishradhiraj_) has studied how VPNs & Privacy Browsers leak users’ IPs via WebRTC Hi Internet, You might have heard about VPN’s & Privacy Browsers leaking users’ IPs via WebRTC [1] [2] Summary: Got CVE-2018-6849 reserved, wrote a Metasploit Module for this issue which uses WebRTC and collects the leak private IP address, however this module may […]
The Philippine central bank has thrown an alert to local financial institutions following a cyber attack against the SWIFT servers at the Malaysian central bank. The Philippine central bank has thrown an alert to local financial institutions following a cyber attack against the Malaysian central bank. According to Malaysian governor, the hackers attempted to steal money through fraudulent wire […]
A security expert discovered severe security issues in APFS file system for macOS High Sierra that expose passwords of encrypted external drives in plain text. A vulnerability in APFS file system for macOS High Sierra operating system has been discovered by forensic analyst Sarah Edwards. According to Edwards, the flaw exposes passwords of encrypted external drives in plain text. […]
Last week, the Czech Republic announced it had extradited the Russian hacker Yevgeni Nikulin (29) to the United States. Yevgeni Nikulin was requested by the US for alleged cyber attacks on social networks and by the Russian authorities that charged him with frauds. According to US authorities, the man targeted LinkedIn and Formspring and hacked into the file hosting […]
The security researcher FĂĄbio Castro discovered tens of thousands of Django apps that expose sensitive data because developers forget to disable the debug mode. Security researchers have discovered misconfigured Django applications that are exposing sensitive information, including passwords, API keys, or AWS access tokens. Django is a very popular high-level Python Web framework that allows rapid development of Python-based web applications. The […]
According to an NBC report, the Grindr gay-dating app was affected by 2 security issues (now patched) that could expose the information of its more than 3 million daily users. Every day we read of a new data breach, in some cases, exposed data could have a severe impact on the victim. According to an NBC report, the Grindr […]
Security researchers at Cybereason recently discovered a credential-stealing malware dubbed Fauxpersky, that is masquerading as Kaspersky Antivirus and spreading via infected USB drives. Fauxpersky was written in AutoIT or AutoHotKey, which respectively are a freeware BASIC-like scripting language designed for automating the Windows GUI and general scripting and a free keyboard macro program to send keystrokes to […]
A ransomware infected systems at the Uttar Haryana Bijli Vitran Nigam power company in India, crooks demanded 10 million Rupees to get the data back. The Uttar Haryana Bijli Vitran Nigam power company in India was hacked last week, attackers breached into its computer systems and stole the billing data of their customers. The hackers demanded 10 million Rupees to […]
Under Armour became aware of a potential security breach on March 25, the company said an unauthorized party had accessed MyFitnessPal user data. Under Armour learned of the data breach on March 25, it promptly reported the hack to law enforcement and hired security consultants to investigate the incident. Attackers hacked the MyFitnessPal application that […]
The Drupal development team has fixed the drupalgeddon2 vulnerability that could be exploited by an attacker to take over a website. A few days ago, Drupal Security Team confirmed that a âhighly criticalâ vulnerability, tracked as CVE-2018-7600, affects Drupal 7 and 8 core and announced the availability of security updates on March 28th. The vulnerability was discovered […]