Collaborate Disseminate
Security researchers have illustrated a new app-in-the-middle attack that could allow a malicious app installed on your iOS device to steal sensitive information from other apps by exploiting certain implementations of Custom URL Scheme.
By default on… Continue reading iOS URL Scheme Could Let App-in-the-Middle Attackers Hijack Your Accounts
After months of negotiations, the United States Federal Trade Commission (FTC) has approved a record $5 billion settlement with Facebook over its privacy investigation into the Cambridge Analytica scandal.
The settlement will put an end to a wide-rang… Continue reading Facebook to Pay $5 Billion Fine to Settle FTC Privacy Investigation
Are you sure the WhatsApp app you are using on your Android device is legitimate, even if it’s working perfectly as intended?
…Or the JioTV, AppLock, HotStar, Flipkart, Opera Mini or Truecaller app—if you have installed any of these?
I’m asking thi… Continue reading New Malware Replaced Legit Android Apps With Fake Ones On 25 Million Devices
Magecart strikes again!
Cybersecurity researchers have identified yet another supply-chain attack carried out by payment card hackers against more than 17,000 web domains, which also include websites in the top 2,000 of Alexa rankings.
Since Magecart… Continue reading Magecart Hackers Infect 17,000 Sites Through Misconfigured Amazon S3 Buckets
One of the most powerful, infamous, and advanced piece of government-grade commercial surveillance spyware dubbed FinSpy—also known as FinFisher—has been discovered in the wild targeting users in Myanmar.
Created by German company Gamma International,… Continue reading Powerful FinSpy Spyware Found Targeting iOS and Android Users in Myanmar
Microsoft today released its monthly batch of software security updates for the July month to patch a total of 77 vulnerabilities, 14 are rated Critical, 62 are Important, and 1 is rated Moderate in severity.
The July 2019 security updates include pat… Continue reading Microsoft Releases July 2019 Security Updates, 2 Flaws Under Active Attack
Security researchers at Microsoft have released details of a new widespread campaign distributing an infamous piece of fileless malware that was primarily being found targeting European and Brazilian users earlier this year.
Dubbed Astaroth, the malwa… Continue reading Watch Out! Microsoft Spotted Spike in Astaroth Fileless Malware Attacks
If you use Zoom video conferencing software on your Mac computer—then beware—any website you’re visiting in your web browser can turn on your device camera without your permission.
Ironically, even if you had ever installed the Zoom client on your dev… Continue reading Flaw in Zoom Video Conferencing Software Lets Websites Hijack Mac Webcams
Except for phishing and scams, downloading an HTML attachment and opening it locally on your browser was never considered as a severe threat until a security researcher today demonstrated a technique that could allow attackers to steal files stored on … Continue reading 17-Year-Old Weakness in Firefox Let HTML File Steal Other Files From Device
Taiwanese networking equipment manufacturer D-Link has agreed to implement a “comprehensive software security program” in order to settle a Federal Trade Commission (FTC) lawsuit alleging that the company didn’t take adequate steps to protect its consu… Continue reading D-Link Agrees to 10 Years of Security Audits to Settle FTC Charges