News aggregator

Cybersecurity researchers today issued a security advisory warning enterprises and governments across the globe to immediately patch a highly-critical remote code execution vulnerability affecting F5's BIG-IP networking devices running application security servers. The vulnerability, assigned CVE-2020-5902 and rated as critical with a CVSS score of 10 out of 10, could let remote attackers

At the risk of giving you a feeling of déjà vu all over again, it's time to talk about Facebook hoaxes once more.

In a joint operation, European and British law enforcement agencies recently arrested hundreds of alleged drug dealers and other criminals after infiltrating into a global network of an encrypted chatting app that was used to plot drug deals, money laundering, extortions, and even murders. Dubbed EncroChat, the top-secret encrypted communication app comes pre-installed on a customized

They're not surveillance spectacles, says Google, just a piece in the jigsaw of "ambient computing", where helpfulness is all around you.

Still thinking "the crooks probably won't find me if I make a security blunder"?

Databases can be had for as little as $100, on up to $1,100. Most, if not all, are being sold by the hacking group Shiny Hunters.

A new research has uncovered multiple critical reverse RDP vulnerabilities in Apache Guacamole, a popular remote desktop application used by system administrators to access and manage Windows and Linux machines remotely. The reported flaws could potentially let bad actors achieve full control over the Guacamole server, intercept, and control all other connected sessions. According to a

Booby-trapped images could be used to attack Windows 10 and Windows Server 2019 - update now!

Microsoft yesterday quietly released out-of-band software updates to patch two high-risk security vulnerabilities affecting hundreds of millions of Windows 10 and Server editions' users. To be noted, Microsoft rushed to deliver patches almost two weeks before the upcoming monthly 'Patch Tuesday Updates' scheduled for 14th July. That's likely because both flaws reside in the Windows Codecs

No US entity charges citizens for registering to vote, but plenty of Google ads were happy to do so - and to grab your PII in the process.

TLS 1.0 and TLS 1.1 are now considered security risks and blocked by default.

A new class of security tools is emerging that promises to significantly improve the effectiveness and efficiency of threat detection and response. Emerging Extended Detection and Response (XDR) solutions aim to aggregate and correlate telemetry from multiple detection controls and then synthesize response actions. XDR has been referred to as the next step in the evolution of Endpoint

Cybersecurity researchers this week discovered a new type of ransomware targeting macOS users that spreads via pirated apps. According to several independent reports from K7 Lab malware researcher Dinesh Devadoss, Patrick Wardle, and Malwarebytes, the ransomware variant — dubbed "EvilQuest" — is packaged along with legitimate apps, which upon installation, disguises itself as Apple's

Is it fair to expect everyone to renew all their web certificates every year? Apple says yes, and now Google does too.

TikTok, for one, promised to knock this off months ago but was caught red-handed, still at it, by the new clipboard notification in iOS 14.

Cybersecurity researchers today uncovered new details of watering hole attacks against the Kurdish community in Syria and Turkey for surveillance and intelligence exfiltration purposes. The advanced persistent threat behind the operation, called StrongPity, has retooled with new tactics to control compromised machines, cybersecurity firm Bitdefender said in a report shared with The Hacker

If you run a website or a blog, watch out for emails promising "DNSSEC upgrades" - these scammers are after your whole site.

A United States federal district court has finally sentenced a Russian hacker to nine years in federal prison after he pleaded guilty of running two illegal websites devoted to facilitating payment card fraud, computer hacking, and other crimes. Aleksei Yurievich Burkov, 30, pleaded guilty in January this year to two of the five charges against him for credit card fraud—one count of access

In what's one of the most innovative hacking campaigns, cybercrime gangs are now hiding malicious code implants in the metadata of image files to covertly steal payment card information entered by visitors on the hacked websites. "We found skimming code hidden within the metadata of an image file (a form of steganography) and surreptitiously loaded by compromised online stores," Malwarebytes

Kenneth Schuchman, the creator of the massive Satori botnet of enslaved devices, will be spending 13 months behind bars.