WhatsApp Vulnerability Exploited To Install Spyware

It has been reported that a “targeted” surveillance attack was discovered in WhatsApp, hackers were able to remotely install surveillance software on phones and other devices using a major vulnerability in WhatsApp. The attack targeted a ‘select number’ of users and was orchestrated by ‘an advanced cyber actor”.   Social Media Reaction: “WhatsApp encourages people to upgrade to the latest […]

Fake Pirate Chick VPN Pushed AZORult Info Stealing Trojan

Adware bundles are installing a VPN software called Pirate Chick, which then connects to a remote server to download and install malicious payloads such the AZORult password-stealing Trojan.  MalwareHunter, who discovered and shared this Pirate Chick with Bleeping Computer, analysed this sample and came to the conclusion that this is a Trojan that pretends to be a legitimate VPN software, […]

Attackers Grabbing Payment Info From 4600 Sites

Exploit People to Circumvent Cyber-security

Hackers have injected malicious code into Alpaca forms and Picreel, an analytics service to steal payment information and passwords according to Security researcher Willhelm DeGroot.* DeGroot who discovered the attack believes more than 4,600 websites have been affected.  Supply chain attack of the week: @Picreel_ marketing software got hacked last night, their 1200+ customer sites are now leaking data to […]

Cisco Router Bug Has Global Implications

WIRED reported yesterday that a security bug in a Cisco router has massive global implications. According to the article, to compromise the routers, researchers from the security firm Red Balloon exploited two vulnerabilities. The first is a bug in Cisco’s IOS operating system—not to be confused with Apple’s iOS—which would allow a hacker to remotely obtain root access […]

Unprotected Elasticsearch Server Leaves 85% Of All Panama Citizens Data Exposed

Breach

A security researcher has discovered an Elasticsearch server that was left connected to the internet without a password, or firewall protection and has leaked what appears to be personal records and patient information for roughly 85 percent of Panama’s citizens.   Experts Comments: Hugo van den Toorn, Manager Offensive Security at Outpost24: “At first glance, it seems an […]

NBA Team Indiana Pacers Hit By Data Breach

The Indiana Pacers, a major franchise team in the NBA was hit by a data breach between October 15, 2018, and December 4, 2018. Pacers Sports & Entertainment (PSE), which also manages operations of the Bankers Life Fieldhouse arena, said that unauthorized access to several of its employee accounts had been gained by “unknown actors”. The news […]