/ Security News /

Cybersecurity researchers have discovered a new unpatched vulnerability in the Android operating system that dozens of malicious mobile apps are already exploiting in the wild to steal users’ banking and other login credentials and spy on their activities. Dubbed Strandhogg, the vulnerability resides in the multitasking feature of Android that can be exploited by a …

/ Security News /

Watch out Windows users! The cybercriminal group behind BitPaymer and iEncrypt ransomware attacks has been found exploiting a zero-day vulnerability affecting a little-known component that comes bundled with Apple’s iTunes and iCloud software for Windows to evade antivirus detection. The vulnerable component in question is the Bonjour updater, a zero-configuration implementation of network communication protocol …

/ Security News /

Another day, another revelation of a critical unpatched zero-day vulnerability, this time in the world’s most widely used mobile operating system, Android. What’s more? The Android zero-day vulnerability has also been found to be exploited in the wild by the Israeli surveillance vendor NSO Group—infamous for selling zero-day exploits to governments—or one of its customers, …

/ Security News /

You must update your Google Chrome immediately to the latest version of the web browsing application. Security researcher Clement Lecigne of Google’s Threat Analysis Group discovered and reported a high severity vulnerability in Chrome late last month that could allow remote attackers to execute arbitrary code and take full control of the computers. The vulnerability, …

/ Security News /

It’s not just the critical Drupal vulnerability that is being exploited by in the wild cybercriminals to attack vulnerable websites that have not yet applied patches already available by its developers, but hackers are also exploiting a critical WinRAR vulnerability that was also revealed last week. A few days ago, The Hacker News reported about a …

/ Security News /

If you have already uninstalled Flash player, well done! But if you haven’t, here’s another great reason for ditching it. Adobe has released a security patch update for a critical vulnerability in its Flash Player software that is actively being exploited in the wild by hackers in targeted attacks against Windows users. Independently discovered last …

/ Security News /

Earlier this month a cybersecurity researcher shared details of a security loophole with The Hacker News that affects all versions of Microsoft Office, allowing malicious actors to create and spread macro-based self-replicating malware. Macro-based self-replicating malware, which basically allows a macro to write more macros, is not new among hackers, but to prevent such threats, …

/ Security News /

Image: iStockphoto/milicad Facebook’s Australia division uses sophisticated algorithms to identify users as young as 14 years old who feel “worthless” and “insecure” to target advertising to them, a leaked internal document revealed. The Australian released the 23-page document, marked “Confidential: Internal Only” and dated 2017, on Monday. In it, Facebook executives describe how they can …

/ Security Assessments News /

One of the Microsoft Windows vulnerabilities used to spread the Stuxnet worm that targeted Iran remained the most widely exploited software bug in 2015 and 2016 even though the bug was patched years earlier, according to a report published by antivirus provider Kaspersky Lab. Enlarge / The most widespread exploits of 2015. Kaspersky Lab Enlarge …

/ Security Assessments News /

Enlarge / An identical artifact in two exploits, one installing Finspy and the other Latenbot. FireEye A critical Microsoft Word zero-day that was actively exploited for months connected two strange bedfellows, including government-sponsored hackers spying on Russian targets and financially motivated crooks pushing crimeware. That assessment, made Wednesday with “moderate confidence” from researchers at security …