/ Security Assessments News /

Apple said it has pushed a silent macOS update that removes the undocumented webserver that was installed by the Zoom conferencing app for Mac. The webserver accepts connections from any device connected to the same local network, a security researcher disclosed on Monday. The server continues to run even when a Mac user uninstalls Zoom. …

/ Security News /

Ransomware has been around for a few years but has become an albatross around everyone’s neck—from big businesses and financial institutions to hospitals and individuals worldwide—with cyber criminals making millions of dollars. In just past few months, we saw a scary strain of ransomware attacks including WannaCry, Petya and LeakerLocker, which made chaos worldwide by …

/ Security News /

Cyber criminals are becoming more adept, innovative, and stealthy with each passing day. They have now shifted from traditional to more clandestine techniques that come with limitless attack vectors and are harder to detect. Security researchers have discovered that one of the most dangerous Android banking Trojan families has now been modified to add a …

/ Security News /

Security researchers at Google have discovered a new family of deceptive Android spyware that can steal a whole lot of information on users, including text messages, emails, voice calls, photos, location data, and other files, and spy on them. Dubbed Lipizzan, the Android spyware appears to be developed by Equus Technologies, an Israeli startup that …

/ Security News /

Researchers have discovered a new attack, dubbed ‘Cloak and Dagger’, that works against all versions of Android, up to version 7.1.2. Cloak and Dagger attack allows hackers to silently take full control of your device and steal private data, including keystrokes, chats, device PIN, online account passwords, OTP passcode, and contacts. What’s interesting about Cloak …

/ Security Assessments News /

Enlarge / A sample e-mail from Dridex campaign exploiting Microsoft Word zero-day. Proofpoint Booby-trapped documents exploiting a critical zero-day vulnerability in Microsoft Word have been sent to millions of people around the world in a blitz aimed at installing Dridex, currently one of the most dangerous bank fraud threats on the Internet. As Ars reported …

/ Security Assessments News /

Enlarge / A sample e-mail from Dridex campaign exploiting Microsoft Word zero-day. Proofpoint Booby-trapped documents exploiting a critical zeroday vulnerability in Microsoft Word have been sent to millions people around the world in a blitz aimed at installing Dridex, currently one of the most dangerous bank fraud threats on the Internet. As Ars reported on …