27 May 2020

26 million LiveJournal accounts being shared on hacker forums

A massive data breach has hit LiveJournal, and the data is being advertised on several different hacker forms for free. The information in the leak includes plain text passwords converted from MD5 hashes, as well as email addresses, usernames, and profile URLs. Since May 8th of this year, the data

Read More
27 May 2020

New fuzzing tool finds 26 USB bugs in Linux, Windows, macOS, and FreeBSD

Researchers have used a new fuzzing tool to uncover a total of 26 vulnerabilities in operating systems Linux, macOS, Windows, and FreeBSD. The research team consists of individuals from Purdue University and the Swiss Federal Institute of Technology Lausanne. The fuzzing tool was created by the researchers and has been

Read More
26 May 2020

70 Percent of Mobile, Desktop Apps Contain Open-Source Bugs

Veracode’s annual State of Software Security report has revealed that researchers found 70 percent of applications available online contain at least one security flaw stemming from the use of an open-source library. This can arguably be attributed to a lack of awareness about where and how open source libraries are

Read More
26 May 2020

Home Chef Serves Up Data Breach for 8 Million Records

The hacking group ShinyHunters has hit a popular mail-order meal kit company, Home Chef. Home Chef’s customer records were leaked as a result of the breach, according to a notice posted on the company’s website stating that customer information including email addresses, names, phone numbers, encrypted passwords, and four digits

Read More
26 May 2020

Russian cyberspies use Gmail to control updated ComRAT malware

A new version of the ComRAT backdoor has been found by security researchers at ESET. The backdoor is controlled through the Gmail web interface and was discovered when the state-sponsored Russian hacker group Turla began using it to harvest data and steal information in attacks targeting governmental institutions. Other common

Read More
22 May 2020

Veterans Affairs Launches First Chatbot to Field COVID-19 Questions

Recently, the Veterans Affairs Department launched a chatbot that aims to provide veterans and their caregivers with answers regarding the COVID-19 pandemic. The chatbot was developed in less than a month through the Microsoft Healthcare Bot platform. The tool can be accessed 24/7 to assess symptoms related to COVID-19 as

Read More
22 May 2020

Wishbone Breach: 40 Million Records Leaked on Dark Web

Dark web trader ShinyHunters has leaked an alleged 40 million user records stolen from the mobile app Wishbone, stating that they had decided to leak the data for free after individuals started to resell it. Cybersecurity vendor Cyble reported the massive data breach, which marks ongoing tension in the cybercrime

Read More
22 May 2020

Hackers Start Leaking Files Stolen From Shipping Giant Toll

Australian shipping giant Toll was hit by Nefilim ransomware earlier this month, marking its second ransomware attack since January. The hack did not result in data getting stolen, however, files were gathered from a corporate server in the attack. The shipping company refused to pay ransom demands made by the

Read More
22 May 2020

Hackers Can Target Rockwell Industrial Software With Malicious EDS Files

Two vulnerabilities found by cybersecurity firm Claroty have been patched recently by Rockwell Automation. The flaws are related to Electronic Data Sheet (EDS) files and can allow for malicious actors to expand access within a target’s OT network. Earlier this week, advisories for the vulnerabilities were published by Rockwell and

Read More
21 May 2020

Crooks Tap Google Firebase in Fresh Phishing Tactic

Researchers have uncovered a new series of phishing campaigns that use Google Firebase storage URLs, stating that the threat actors are leveraging the reputation of cloud infrastructure created by Google to lure victims. The phishing campaign begins with spam emails that prompt victims to click on a Firebase link inside

Read More