According to a security researcher, an unpatched vulnerability in PayPal’s money transfer service could allow attackers to deceive victims into completing attacker-directed transactions with…
General
The Snake Keylogger is spread via malicious PDFs.
The email campaign also made use of Microsoft Word, which exploited a 22-year-old Office RCE flaw. While most malicious e-mail campaigns employ Word documents…
Critical Vulnerability in Premium WordPress Themes Allows for Site Takeover
More than 90,000 websites are affected by the privilege escalation bug discovered in the Jupiter and JupiterX Core Plugin. According to scientists, a significant…
IBM helps schools across the globe to build strong cybersecurity defenses
IBM has extended a program that improves cybersecurity defenses of public schools with$5 million in grants. On Tuesday, IBM announced that it would offer…
When Ransomware Attacks, How Do You Protect Your Data?
Ransomware is not a novel type of attack. Indeed, the first malware surfaced almost 30 years ago and was delivered using 5.25-inch floppy discs.…
What Is the Risk of a Cyber Attack on Transportation?
If an attacker gains access to a transit agency’s networks, the consequences might be considerably more serious than server outages or exposed emails. Consider…
An unpatched flaw can result in attackers stealing from PayPal users
A security researcher asserts that he has uncovered an unpatched flaw in PayPal’s money transfer service. The flaw can allow attackers to deceive victims…
Microsoft’s report tracks a 254% surge in XorDdos Malware
XorDdos, a Linux botnet malware, has been used extensively—a 254% increase—in the last six months, a Microsoft research reports. The trojan derives its name…
Google’s OAuth client library for Java had a major flaw
Last month Google patched a severe flaw in its OAuth client library for Java; the actors can exploit the flaw by using a compromised…
Microsoft highlights attackers are using fileless methods to persist on SQL servers
On Tuesday, Microsoft warned about a malicious campaign targeting SQL servers that uses a built-in PowerShell binary to persist on affected systems. The intrusions,…