As new malware is developed, hackers are becoming more interested in using the Windows Subsystem for Linux (WSL) as an attack surface, with the most complex instances being capable of espionage and downloading other dangerous modules. WSL allows native Linux…
A low-cost Turkish airline unwittingly exposed data of flight crew along with source code and flight data. Early reports say that the exposure happened because of the misconfiguration of an AWS bucket. A research team from security comparison site SafetyDetectives…
This month has seen an increase in ChromeLoader malware detections. There has been a steady stream of attacks since the beginning of the year. ChromeLoader ChromeLoader is a browser hijacker that modifies the settings of victims’ web browsers to display…
A zero-day flaw in Microsoft Office has caught the attention of cybersecurity researchers; the flaw can be exploited to execute arbitrary code in affected Windows systems. The vulnerability was discovered when an independent cybersecurity research team, known as nao_sec, came…
Information in the database could be utilised in social engineering and SIM switching attacks. A hacker stole a database containing hundreds of Verizon employees’ full names, email addresses, corporate ID numbers, and phone numbers. It’s uncertain whether all of the…
Zyxel has rolled out patches for four security flaws plaguing its firewall, AP Controller, and AP products. The flaw can be exploited to carry out arbitrary system commands and steal select information. CVE-2022-0734: Some firewalls have cross-site scripting (XSS) flaws…
A malvertising threat has been rising since its emergence earlier this year. The malware, known as ChromeLoader, is a “pervasive and persistent browser hijacker that modifies its victims’ browser settings and redirects user traffic to advertisement websites,” Aedan Russell of…
According to new research, the threat actor behind the stealthy BPFdoor malware for Linux and Solaris exploited an existing weakness to gain persistence on targeted systems. BPFDoor is a custom backdoor that has been used in assaults on telecommunications, government,…
On July 14th, 2020, Hackread.com reported that a hacker with the online handle of NightLion stole various databases from DataViper, a breach observing site. One of the affected databases belonged to MGM Resorts, which had 142 million customer data. NightLion,…
According to a security researcher, an unpatched vulnerability in PayPal’s money transfer service could allow attackers to deceive victims into completing attacker-directed transactions with a single click. Clickjacking, also known as UI redressing, is a method of tricking an unwary…
