At least 8 vulnerabilities have been discovered in Carrier’s LenelS2 HID Mercury access control system; The system is prevalent in healthcare, education, transportation and government sector. “The vulnerabilities uncovered allowed us to demonstrate the ability to remotely unlock and lock…
As phishing attempts continue to be a popular target for cybercriminals, one scam discovered that a user had acquired a million Facebook account credentials in just four months. Anti-phishing firm PIXM discovered that a fake Facebook login gateway was being…
The Onapsis Research Labs keep a close eye on the changing threat landscape in order to better understand how commercial software like SAP and Oracle are being targeted. Our in-depth analysis enables the Onapsis Research Labs to uncover new threats,…
Through search results for a pirated edition of the CCleaner Pro Windows optimization tool, malware that steals your passwords, credit cards, and crypto wallets is being marketed. This new malware distribution effort, called “FakeCrack,” was uncovered by Avast analysts, who…
The infamous Emotnet malware has been deploying a new module to steal credit card information stored in the Chrome web browser. The credit card stealer, which only targets Chrome, can exfiltrate the collected information to different remote command-and-control (C2) servers,…
U.S cybersecurity and intelligence agencies have cautioned about Chinese-state-sponsored cyber actors exploiting network vulnerabilities to public and private sector organizations since at least 2020. The prevalent intrusion campaigns exploit publicly known flaws in network devices like Small Office/Home Office (SOHO)…
Microsoft Office has a security flaw that might allow for remote code execution attacks, according to researchers. The vulnerability gained notoriety as a zero-day after researchers discovered it was being exploited against Microsoft Office programmes. Microsoft Office Zero-Day A significant…
To spread laterally through hacked corporate environments, the Black Basta ransomware gang has collaborated with the QBot malware operation. QBot (QuakBot) is a Windows malware that steals bank credentials and Windows domain credentials before delivering additional malware payloads to infected…
At least 500,000 Android accounts have had their data compromised. According to security researchers, a chained zero-day attack could potentially expose all user data in the backend of the companion mobile app for a popular smart weight scale. Bogdan Tiron,…
The Food and Drug Administration (FDA) and the US Cybersecurity and Infrastructure Security Agency (CISA) have issued an advisory concerning serious security vulnerabilities in Illumina’s next-generation sequencing (NGS) software. The severity of three of the problems is rated 10 out…
