18 Nov 2019

Tianfu Cup Round-Up: Safari, Chrome, D-Link Routers and Office 365 Successfully Hacked

Chinese white-hat hacking competition, the Tianfu Cup, took place over the weekend as hackers used never-before-seen zero days to compromise popular software. The Tianfu Cup aims to identify vulnerabilities through competition between hacking groups and bears many similarities to the international hacking contest Pwn2Own. The Tianfu Cup was created exclusively

Read More
18 Nov 2019

US Govt Recommends Vendor System Configs To Block Malware Attacks

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) reminded users last week to property configure systems to defend against malware. CISA published the document through the US National Cyber Awareness System, which is designed to keep users updated on current security threats. The agency recommended installing and

Read More
18 Nov 2019

Thousands of hacked Disney+ accounts are already for sale on hacking forums

Disney+ was released on November 12, and has already gained more than 10 million customers despite the service only being available in the US, Canada, and the Netherlands. Just hours after the launch, hackers began offering accounts on hacking forums with prices varying from $3 to $11. Users reported that

Read More
18 Nov 2019

Attackers using WhatsApp MP4 video files vulnerability can remotely execute code

Last week a severe vulnerability in the WhatsApp messaging software was uncovered, allowing hackers to perform remote code execution attacks. Facebook reported that the bug is a stick-based buffer overflow problem that can be prompted by attackers sending .MP4 video files. The vulnerability can be exploited to conduct denial-of-service (DoS)

Read More
15 Nov 2019

Capture the Flag Competition Aims to Trace Missing Persons

Next month, SANS Institute and Trace Labs will host an Open-Source Intelligence (OISINT) Missing Persons Capture the Flag in Washington, D.C., in which professionals will compete to find leads in real missings persons cases. Participants will gather intelligence from available data on government records, the dark web, social media, and

Read More
15 Nov 2019

GitHub launches ‘Security Lab’ to help secure open-source ecosystem

At the GitHub conference on Thursday, GitHub announced a new program called Security Lab, a collaboration between different security researchers to fix bugs in open source projects. GitHub stated that the team will dedicate full-time resources to find vulnerabilities in popular open-source projects. The members come from organizations like Microsoft,

Read More
15 Nov 2019

New phishing email campaign impersonates US postal service to deliver malware

A report published on Thursday by Proofpoint states that a phishing campaign that has been targeting Europe has now been attacking the United States with the goal of spreading Trojan malware onto computers. The latest phishing attacks impersonate the US Postal Service and contain a Word document that, when opened,

Read More
15 Nov 2019

Alleged $20M Carding Forum Mastermind Faces US Charges

Russian citizen Aleksei Burkov is facing charges of running a $20 million carding forum. Burkov arrived at Dulles International Airport on Monday after being arrested in Israel in 2015, and now faced charges within the US after several attempts to circumvent extradition to the U.S. Burkov allegedly ran the site

Read More
15 Nov 2019

5,183 breaches from the first nine months of 2019 exposed 7.9 billion records

According to a report released by Risk Based Security, Q3 2019 saw a 33.3% increase in security breaches when compared to Q3 of 2018. 5,183 breaches have been reported in 2019 so far. Risk Based Security claims that 2019 has been the worst year in terms of data privacy breaches,

Read More
14 Nov 2019

Gaping ‘hole’ in Qualcomm’s Secure World mobile vault leaked sensitive data

A hole found in the Qualcomm Secure World virtual processor that could be exploited to leak financial information has been patched and disclosed by researchers. Cybersecurity researchers at Check Point conducted a four-month study and concluded that it is not impossible to crack the Secure World operating system through fuzzing

Read More