Magecart Group 5 has been spotted testing and preparing code to be injected onto commercial routers – potentially opening up guests connecting to Wi-Fi networks to payment data theft.
Jessica spends 12 hours a day on the internet managing security for web assets and loves her macha tea
An active APT campaign aimed at tech companies is underway, which also uses a legitimate NVIDIA graphics function.
Jessica spends 12 hours a day on the internet managing security for web assets and loves her macha tea
It’s not a Patch Tuesday, but Microsoft is rolling out emergency out-of-band security patches for two new vulnerabilities, one of which is a critical Internet Explorer zero-day that cyber criminals are actively exploiting in the wild. Discovered by Clément Lecigne of Google’s Threat Analysis Group and tracked as CVE-2019-1367, the IE zero-day is a remote…
Though Russia still has an undiversified and stagnant economy, it was one of the early countries in the world to realize the value of remotely conducted cyber intrusions. In recent years, many Russia hacking groups have emerged as one of the most sophisticated nation-state actors in cyberspace, producing highly specialized hacking techniques and toolkits for…
An anonymous hacker today publicly revealed details and proof-of-concept exploit code for an unpatched, critical zero-day remote code execution vulnerability in vBulletin—one of the widely used internet forum software. One of the reasons why the vulnerability should be viewed as a severe issue is not just because it is remotely exploitable, but also doesn’t require…
A team of Canadian cybersecurity researchers has uncovered a sophisticated and targeted mobile hacking campaign that is targeting high-profile members of various Tibetan groups with one-click exploits for iOS and Android devices. Dubbed Poison Carp by University of Toronto’s Citizen Lab, the hacking group behind this campaign sent tailored malicious web links to its targets…
Many organizations regard Endpoint Detection and Response (EDR) as their main protection against breaches. EDR, as a category, emerged in 2012 and was rapidly acknowledged as the best answer to the numerous threats that legacy AV unsuccessfully struggled to overcome – exploits, zero-day malware and fileless attacks are prominent examples. While there is no dispute…
A spearphishing campaign first uncovered in July is hitting more utilities firms and spreading the LookBack malware, which has capabilities to view system data and reboot machines.
Jessica spends 12 hours a day on the internet managing security for web assets and loves her macha tea
Microsoft has issued a patch for an Internet Explorer remote code execution flaw that is being actively exploited in the wild.
Jessica spends 12 hours a day on the internet managing security for web assets and loves her macha tea
Google is tightening its privacy controls over its Google Assistant voice assistant after a report earlier this year found that it was eavesdropping on user conversations.
Jessica spends 12 hours a day on the internet managing security for web assets and loves her macha tea
