Experian's South Africa unit suffered a data breach incident exposing the personal information of 24 million customers and 793,749 business entities.
Read details — https://thehackernews.com/2020/08/experian-data-breach-attack.html
The credit rating agency says the attacker behind this breach has been identified.
Read details — https://thehackernews.com/2020/08/experian-data-breach-attack.html
The credit rating agency says the attacker behind this breach has been identified.
Oh, JOBS! Hackers posing as recruiters in #malware attacks.
FBI and CISA are warning companies about a new malware, dubbed 'BLINDINGCAN,' which North Korean hackers are using to spy on high-value employees at targeted government contractors.
https://thehackernews.com/2020/08/job-offer-hackers.html
FBI and CISA are warning companies about a new malware, dubbed 'BLINDINGCAN,' which North Korean hackers are using to spy on high-value employees at targeted government contractors.
https://thehackernews.com/2020/08/job-offer-hackers.html
Uber's Former Chief Security Officer, Joe Sullivan, has been charged over covering-up 2016's massive data breach by paying hackers $100,000 ransom as a bug bounty reward.
Details: https://thehackernews.com/2020/08/uber-data-breach-cover-ups.html
This incident, which exposed 57 million users' data, was disclosed to the public almost a year later when Sullivan left the company.
Details: https://thehackernews.com/2020/08/uber-data-breach-cover-ups.html
This incident, which exposed 57 million users' data, was disclosed to the public almost a year later when Sullivan left the company.
⚠️ BEWARE !!!
A Google Drive 'Feature' — Unpatched Yet — Could Let Attackers Trick You Into Installing Malware Using Convincing Spear Phishing Attacks.
Learn more about it and watch demos: https://thehackernews.com/2020/08/google-drive-file-versions.html
A Google Drive 'Feature' — Unpatched Yet — Could Let Attackers Trick You Into Installing Malware Using Convincing Spear Phishing Attacks.
Learn more about it and watch demos: https://thehackernews.com/2020/08/google-drive-file-versions.html
Update your Apache-powered servers!
Google researcher reported 3 flaws in Apache that could lead to code execution and, in some scenarios, even allow attackers to cause a crash and denial of service remotely.
https://thehackernews.com/2020/08/apache-webserver-security.html
CVE-2020-9490
CVE-2020-11984
CVE-2020-11993
Google researcher reported 3 flaws in Apache that could lead to code execution and, in some scenarios, even allow attackers to cause a crash and denial of service remotely.
https://thehackernews.com/2020/08/apache-webserver-security.html
CVE-2020-9490
CVE-2020-11984
CVE-2020-11993
A Popular iOS SDK Has Been Caught Spying on Billions of Apple Users and Committing Ad Fraud.
Read Details: https://thehackernews.com/2020/08/ios-sdk-ad-fraud.html
Read Details: https://thehackernews.com/2020/08/ios-sdk-ad-fraud.html
⚡APT hackers-for-hire ...
APT hackers hired by competing private companies exploit #Autodesk 3D Max software to steal sensitive information from industrial targets.
Read details & get IoCs:
https://thehackernews.com/2020/08/autodesk-malware-attack.html
APT hackers hired by competing private companies exploit #Autodesk 3D Max software to steal sensitive information from industrial targets.
Read details & get IoCs:
https://thehackernews.com/2020/08/autodesk-malware-attack.html
FBI arrested a Russian extortion gang member in the United States after he TRAVELED there to met an employee of a targeted company and offered him $1 MILLION in bitcoins as a bribe for planting a data-stealing MALWARE into the company's systems.
Yeah, it works in the real world as well.
Read details: http://thehackernews.com/2020/08/russian-extortion-malware.html
Yeah, it works in the real world as well.
Read details: http://thehackernews.com/2020/08/russian-extortion-malware.html
Watch Out! A new malware campaign spreading QakBot banking trojan returned with new tricks up its sleeve to target government, military, and manufacturing sectors.
Read more: https://thehackernews.com/2020/08/qakbot-banking-trojan.html
Read more: https://thehackernews.com/2020/08/qakbot-banking-trojan.html
In a new campaign...
Iranian hackers pose as journalists (over WhatsApp and LinkedIn) to trick high-value targets into handing over login credentials or installing spyware and steal sensitive information.
Read more: https://thehackernews.com/2020/08/hackers-journalist-malware.html
Iranian hackers pose as journalists (over WhatsApp and LinkedIn) to trick high-value targets into handing over login credentials or installing spyware and steal sensitive information.
Read more: https://thehackernews.com/2020/08/hackers-journalist-malware.html
Cisco Issues Warning Over IOS XR Zero-Day [CVE-2020-3566] Flaw Being Targeted in the Wild
https://thehackernews.com/2020/09/cisco-issue-warning-over-ios-xr-zero.html
https://thehackernews.com/2020/09/cisco-issue-warning-over-ios-xr-zero.html
REMINDER: Start Today, i.e., 1st September 2020, all major web browsers will stop trusting websites with the validity of SSL/TLS certificates longer than 398 days.
Read details and learn how short-lived Certs increase security: https://thehackernews.com/2020/09/ssl-tls-certificate-validity-398.html
Read details and learn how short-lived Certs increase security: https://thehackernews.com/2020/09/ssl-tls-certificate-validity-398.html
Credit Card hackers now using a new web-skimmer that leverages Telegram messenger APIs to exfiltrate data from compromised payment pages and sites.
Read more: https://thehackernews.com/2020/09/credit-card-telegram-hackers.html
Read more: https://thehackernews.com/2020/09/credit-card-telegram-hackers.html
Google Chrome for Android (starting from Chrome 85) now support DNS-over-HTTPS (DoH) feature that, when enabled, can automatically switch to DNS-over-HTTPS if your current DNS provider supports it, or users can also provide a custom server address to prevent miscreants from interfering with domain name lookups, eventually stopping network observers, including your ISPs and attackers, from figuring out what sites you visit.
🤯1
A new critical bug in Cisco Jabber—chatting and calling software—could let hackers remotely target Windows systems by sending innocent-looking messages to the targeted users.
Read more: https://thehackernews.com/2020/09/cisco-jabber-hacking.html
Read more: https://thehackernews.com/2020/09/cisco-jabber-hacking.html
Evilnum hackers are now targeting Financial Technology firms with a new Python-based RAT that can steal passwords, documents, browser cookies, email credentials, and other sensitive information.
Read details: https://thehackernews.com/2020/09/evilnum-hackers.html
Read details: https://thehackernews.com/2020/09/evilnum-hackers.html
A new flaw could let cybercriminals bypasses PIN verification for Visa Contactless Payments.
Read details: https://thehackernews.com/2020/09/emv-payment-card-pin-hacking.html
Read details: https://thehackernews.com/2020/09/emv-payment-card-pin-hacking.html
Cybersecurity agencies across Asia and Europe have issued security alerts regarding the sudden spike in Emotet malware attacks targeting businesses in France, Japan, and New Zealand.
Read details: https://thehackernews.com/2020/09/emotet-malware-attack.html
Read details: https://thehackernews.com/2020/09/emotet-malware-attack.html
✅ Microsoft Patch Tuesday
✅ September 2020 Edition
✅ 129 New Vulnerabilities
✅ 23 Critical + 105 Important
✅ 0 Publicly Known
✅ 0 Under Active Attacks
Find details here: https://thehackernews.com/2020/09/patch-tuesday-september.html
✅ September 2020 Edition
✅ 129 New Vulnerabilities
✅ 23 Critical + 105 Important
✅ 0 Publicly Known
✅ 0 Under Active Attacks
Find details here: https://thehackernews.com/2020/09/patch-tuesday-september.html