Hacked News Sites Used to Spread Malware Disguised as Google Chrome Update
Mar26

Hacked News Sites Used to Spread Malware Disguised as Google Chrome Update

If you visit a website and are advised that you need to update Google Chrome, do not download the update. A campaign has been identified that is using fake Google Chrome updates to trick web visitors into downloading and installing malware. The hacking group is targeting news websites and corporate sites running WordPress and injecting malicious JavaScript code that redirects visitors to landing pages on malicious websites that claim...

Read More
Database Containing Extensive Information of 200 Million Americans Exposed Online
Mar24

Database Containing Extensive Information of 200 Million Americans Exposed Online

A database on the Google Cloud platform containing 800 gigabytes of data and over 200 million user records has been misconfigured and was exposed online, according to researchers at CyberNews. The database contained a folder that included detailed information on around 200 million Americans, including full names, phone numbers, email addresses, dates of birth, credit ratings, home addresses, mortgaged property addresses, number of...

Read More
All Supported Windows Versions Affected by Two Actively Exploited Zero-Day RCE Flaws
Mar23

All Supported Windows Versions Affected by Two Actively Exploited Zero-Day RCE Flaws

Microsoft has issued a security advisory about two actively exploited zero-day flaws in Windows Adobe Type Manager Library. The critical remote code execution vulnerabilities affect all supported Windows desktop and server versions and Windows 7. If exploited, attackers would be able to take full control of vulnerable computers. The flaws are being exploited in limited targeted attacks. Microsoft is currently working on a patch to...

Read More
New Vulnerabilities Identified in Popular Password Managers
Mar23

New Vulnerabilities Identified in Popular Password Managers

Password managers help you create complex and unique passwords for every application, service, and website but how secure are password managers? Could a password manager actually weaken security? According to a study conducted by researchers at the University of York, password managers are not totally secure. Vulnerabilities in password managers have been found that could potentially be exploited by cybercriminals to gain access to a...

Read More
WHO Director-General Impersonated in Spam Campaign Delivering HawkEye Keylogger and Malware Downloader
Mar20

WHO Director-General Impersonated in Spam Campaign Delivering HawkEye Keylogger and Malware Downloader

Another coronavirus-themed phishing campaign has been detected impersonating the World Health Organization (WHO), or more specifically, the Director-General of WHO, Dr. Tedros Adhanom Ghebreyesus. The campaign was identified by security researchers at IBM X-Force Threat Intelligence who report that several waves of spam have already been delivered. The threat actors behind the campaign are using spam emails to distribute a malware...

Read More