27 May 2020

26 million LiveJournal accounts being shared on hacker forums

A massive data breach has hit LiveJournal, and the data is being advertised on several different hacker forms for free. The information in the leak includes plain text passwords converted from MD5 hashes, as well as email addresses, usernames, and profile URLs. Since May 8th of this year, the data

Read More
27 May 2020

New fuzzing tool finds 26 USB bugs in Linux, Windows, macOS, and FreeBSD

Researchers have used a new fuzzing tool to uncover a total of 26 vulnerabilities in operating systems Linux, macOS, Windows, and FreeBSD. The research team consists of individuals from Purdue University and the Swiss Federal Institute of Technology Lausanne. The fuzzing tool was created by the researchers and has been

Read More
26 May 2020

70 Percent of Mobile, Desktop Apps Contain Open-Source Bugs

Veracode’s annual State of Software Security report has revealed that researchers found 70 percent of applications available online contain at least one security flaw stemming from the use of an open-source library. This can arguably be attributed to a lack of awareness about where and how open source libraries are

Read More
26 May 2020

Home Chef Serves Up Data Breach for 8 Million Records

The hacking group ShinyHunters has hit a popular mail-order meal kit company, Home Chef. Home Chef’s customer records were leaked as a result of the breach, according to a notice posted on the company’s website stating that customer information including email addresses, names, phone numbers, encrypted passwords, and four digits

Read More
22 May 2020

Hackers Start Leaking Files Stolen From Shipping Giant Toll

Australian shipping giant Toll was hit by Nefilim ransomware earlier this month, marking its second ransomware attack since January. The hack did not result in data getting stolen, however, files were gathered from a corporate server in the attack. The shipping company refused to pay ransom demands made by the

Read More
22 May 2020

Hackers Can Target Rockwell Industrial Software With Malicious EDS Files

Two vulnerabilities found by cybersecurity firm Claroty have been patched recently by Rockwell Automation. The flaws are related to Electronic Data Sheet (EDS) files and can allow for malicious actors to expand access within a target’s OT network. Earlier this week, advisories for the vulnerabilities were published by Rockwell and

Read More
21 May 2020

Crooks Tap Google Firebase in Fresh Phishing Tactic

Researchers have uncovered a new series of phishing campaigns that use Google Firebase storage URLs, stating that the threat actors are leveraging the reputation of cloud infrastructure created by Google to lure victims. The phishing campaign begins with spam emails that prompt victims to click on a Firebase link inside

Read More
21 May 2020

Thousands of Israeli sites defaced with code seeking permission to access users’ webcams

A new threat actor group by the name “Hackers of Savoir” has targeted thousands of Israeli websites, defacing them to display an anti-Israeli message and malicious code that requests access to site visitors’ webcams. Researchers believe that more than 2,000 websites have been defaced by the group during the campaign,

Read More
20 May 2020

NIST Wants Help Demonstrating Security Compliance in 5G

According to a recent announcement, the National Institute of Standards and Technology (NIST) is seeking organizations to participate in a collaborative effort to implement cybersecurity standards into 5G networking technology, aiming to eventually create a publication that outlines best practices. The NIST plans on publishing a notice later today, stating

Read More
20 May 2020

WolfRAT Android Malware Targets WhatsApp, Facebook Messenger

A new Android malware family has been identified by security researchers after it was repeatedly spotted in campaigns against Thai targets. According to researchers, the malware family, dubbed WolfRAT, targets popular messaging apps to gather intelligence. WhatsApp and Facebook Messenger are among those utilized by the malware operators, who are

Read More