A misconfigured Git server has resulted in sensitive information pertaining to the company Nissan being leaked. The information exposed in the breach includes the source code of mobile apps, diagnostics tools, market research tools, and sensitive data. The Git server was left publicly exposed with a default username and basic

An emerging operation leverages a new Remote Access Tool (RAT) that is designed to steal crypto-currency from users. Since January 2020, ElectroRAT, as named by Intezer, has been active in a full marketing campaign complete with applications, social media accounts and websites. The RAT is written in Golang and is

SolarWinds and some of its executives have been accused of lying to shareholders about its security. In a class-action lawsuit filed by shareholders Solarwinds, outgoing CEO Keven Thompson, and CFO Barton Kalso are named as defendants. The suit claims that there were false and misleading statements made from the company

Google’s latest Andriod security update fixed 43 bugs affecting Android handsets and Samsung phones. Two of the bigs affecting Google’s Andriod handsets were flagged as critical, while the most serious flaw lies in the Andriod System component and allows remote attackers to compromise a device through executing arbitrary code. Two

Telegram’s “people nearby” feature can be used to reveal a user’s precise location, according to bug-hunter Ahmed Hassan. The feature allows users of the secure messaging app to see who’s around them, however, it has been compromised by a severe security flaw. Hassan states that although you must enable the

Chinese threat actor group APT27 (also known as Emissary Panda) and Winnti have been identified as the culprit behind multiple ransomware attacks against firms last year. New research from Security Joes and Pro reveals how they found the threat actors behind the attacks after investigating an incident in which ransomware

Over the past two months, Check Point security found that cyberattacks on global healthcare organizations increased at an alarming rate, almost double that of cyberattacks targeting other sectors. Check Point covered data from the beginning of November to the end of 2020, comparing it to the two previous months, September

The Government Accountability Office has found that 10 out of 15 of the Department of Defense’s IT projects are behind schedule. The Defense Department’s programs consist of software development approaches seeking to avoid cost increases and schedule delays for information technology systems. However, the Government Accountability Office (GAO) also found

Security researchers have discovered a hardcoded admin-level backdoor account on more than 100,000 Zyxel firewalls, VPN gateways, and access point controllers. These backdoor accounts can grant attackers root access via the web administration panel or the SSH interface, making the situation a critical threat to consumers. The backdoor account was

Security researchers have discovered roughly 500,000 breached employee credentials related to popular video game companies. Researchers also uncovered a million compromised internal accounts for sale on the dark web. Threat intelligence firm Kela moved to investigate the top 25 publicly listed companies in the sector, soon finding a thriving market