New Highly Destructive Wiper Malware Variant Detected
Dec06

New Highly Destructive Wiper Malware Variant Detected

A new wiper malware has been detected by security researchers at IBM X-Force which is being used in attacks on energy companies and industrial firms in the Middle East. The malware is believed to have been created by two threat groups in Iran that are known to have links to the Iranian government, APT34 and xHunt. The malware, named ZeroCleare, is being used in targeted attacks against specific organizations according to the...

Read More
Elaborate Man-in-the-Middle Attack Diverts $1 Million Payment to Israeli Startup
Dec05

Elaborate Man-in-the-Middle Attack Diverts $1 Million Payment to Israeli Startup

$1 million in venture capital funding intended for an Israeli startup was diverted to an attacker-controlled bank account in an elaborate wire transfer email scam. The funding was being transferred from a Chinese VC firm and the funds were intended to help the Israeli firm kick start its business. The scam was uncovered by researchers at Check Point Software who called it the “ultimate man-in-the-middle attack.” The researchers...

Read More
StrandHogg Android Vulnerability Allows Malicious Apps to Pose as Legitimate Ones
Dec04

StrandHogg Android Vulnerability Allows Malicious Apps to Pose as Legitimate Ones

An Android vulnerability has been discovered that allows malicious apps to disguise themselves as legitimate apps and gain full permissions. The vulnerability is being actively exploited by dozens of malicious apps. In order for the flaw to be exploited, a malicious app must first be downloaded. Once on the device, it can masquerade as any legitimate app on the device. When the app icon of a legitimate app is clicked, the malware is...

Read More
Critical Vulnerability Patched in GoAhead EmbedThis Web Server Software
Dec04

Critical Vulnerability Patched in GoAhead EmbedThis Web Server Software

Two vulnerabilities have been identified in GoAhead’s EmbedThis Web Server software, which is used by hundreds of millions of Internet of Things (IoT) devices, one of which is a critical flaw that could allow an attacker to take full control of a vulnerable device. GoAhead EmbedThis is an embedded web server for embedded devices. The most serious flaw, CVE-2019-5096, is a remote code execution vulnerability that arises when the web...

Read More
Former Facebook Content Moderators Sue Facebook for Psychological Injuries
Dec04

Former Facebook Content Moderators Sue Facebook for Psychological Injuries

Former Facebook content moderators have taken the decision to sue Facebook for psychological injuries and are seeking compensation from the social media network after developing post traumatic stress disorder (PTSD) from viewing extremely disturbing violent content and other graphic material at work. Working for Facebook may seem like a dream job for many people, but not all work that needs to be performed for the social media network...

Read More