WhatsApp Vulnerability Exploited To Install Spyware
It has been reported that a “targeted” surveillance attack was discovered in WhatsApp, hackers were able to remotely install surveillance software on phones and other devices using a major vulnerability in WhatsApp. The attack targeted a ‘select number’ of users and was orchestrated by ‘an advanced cyber actor”. Social Media Reaction: “WhatsApp encourages people to upgrade to the latest […]
Fake Pirate Chick VPN Pushed AZORult Info Stealing Trojan
Adware bundles are installing a VPN software called Pirate Chick, which then connects to a remote server to download and install malicious payloads such the AZORult password-stealing Trojan. MalwareHunter, who discovered and shared this Pirate Chick with Bleeping Computer, analysed this sample and came to the conclusion that this is a Trojan that pretends to be a legitimate VPN software, […]
Attackers Grabbing Payment Info From 4600 Sites
Hackers have injected malicious code into Alpaca forms and Picreel, an analytics service to steal payment information and passwords according to Security researcher Willhelm DeGroot.* DeGroot who discovered the attack believes more than 4,600 websites have been affected. Supply chain attack of the week: @Picreel_ marketing software got hacked last night, their 1200+ customer sites are now leaking data to […]
Cisco Router Bug Has Global Implications
WIRED reported yesterday that a security bug in a Cisco router has massive global implications. According to the article, to compromise the routers, researchers from the security firm Red Balloon exploited two vulnerabilities. The first is a bug in Cisco’s IOS operating system—not to be confused with Apple’s iOS—which would allow a hacker to remotely obtain root access […]
Unprotected Elasticsearch Server Leaves 85% Of All Panama Citizens Data Exposed
A security researcher has discovered an Elasticsearch server that was left connected to the internet without a password, or firewall protection and has leaked what appears to be personal records and patient information for roughly 85 percent of Panama’s citizens. Experts Comments: Hugo van den Toorn, Manager Offensive Security at Outpost24: “At first glance, it seems an […]
NBA Team Indiana Pacers Hit By Data Breach
The Indiana Pacers, a major franchise team in the NBA was hit by a data breach between October 15, 2018, and December 4, 2018. Pacers Sports & Entertainment (PSE), which also manages operations of the Bankers Life Fieldhouse arena, said that unauthorized access to several of its employee accounts had been gained by “unknown actors”. The news […]
