Researchers have uncovered a malicious scheme mainly directed towards Chinese users via fake apps on Android and iOS that resemble genuine digital wallet services…
General
General
Azure developers targeted by more than 200 NPM malicious packages
A new massive supply chain attack targeting Azure developers for stealing personal information has deployed more than 218 malicious NPM packages. “After manually inspecting…
General
BitRAT Spreads as Windows 10 license activator over the Internet as a cheap and elusive
Analysts from AhnLab, a company specialized in cybersecurity, revealed the spread of a new but already known virus called BitRAT. What is BitRAT? BitRAT,…
General
A New Backdoor and a Unique Attack Chain – Slithering Serpent
A new email campaign attacking French entities uses a highly evasive attack chain. The phishing campaign is installing a new backdoor named Serpent. Initial…
General
Botnet Malware jeopardises over 2,00,000 Mikro Tik routers
Mikro Tik’s vulnerable routers have been used in one of the largest botnet-as-a-service cybercrime, according to cybersecurity researchers. Avast published a new piece of…
General
New Browser-in-the Browser (BITB) Attack Makes Phishing Nearly Undetectable
Can web browsers protect us, even if it is HTTPS? Maybe yes, but not with the novel BitB attack, which fakes us by a…
General
Gh0stCringe Targets Weakly Configured Microsoft SQL, MySQL Servers
Researchers have identified that the actors behind the Gh0stCringe remote access trojan are targeting Microsoft SQL and MySQL database servers. Gh0stCringe, which is thought…
General
Dell BIOS bugs impact millions of Inspiron, Vostro, XPS, Alienware systems.
Five new vulnerabilities have been found in Dell BIOS; if the vulnerabilities are successfully exploited, the systems can have codes executed remotely. The Dell…
General
iPhone feature being used in “CryptoRom” scam
Social engineering attacks have been using romantic traps and cryptocurrency tricks to lure victims into installing duplicate apps. These attacks use legitimate iOS features…
General
Attackers can get out of Kubernetes containers because of a vulnerability in CRI-O engine
Attackers can exploit a previously unknown security vulnerability in the Kubernetes container engine CRI-O labelled cr8escape. The attacker can exploit the vulnerability to escape…