Tag: security
This devious new trojan is exposing a flaw in Windows SmartScreen to drain victims bank accounts
Palo Alto Networks’ cybersecurity research arm Unit 42 recently discovered a new malware variant targeting users via a vulnerability in Windows SmartScreen Mispadu is an infostealer built on Delphi, looking to extract sensitive information from victim endpoints, including banking details. Last year Mispadu’s operators harvested roughly 90,000 bank account credentials,…
Read More
Mastodon hit by security flaw — top Twitter alternative acts fast to patch critical security issue that could have let hackers hijack user accounts
Top Twitter alternative Mastodon was found to be carrying a high-severity vulnerability which could have been used by hackers to impersonate people and take over their accounts. The flaw is tracked as CVE-2024-23832, and has a severity rating of 9.4. It affects all Mastodon versions before 3.5.17, 4.0.13, and 4.2.5. …
Read More
These were the most common phishing emails of 2023 — make sure you don’t get caught out as well
Phishing has long been a popular vector for cybercriminals in order to coax valuable information out of victims – and 2023 was no different. A new report from email security firm Codefense has delved into the most common themes in email phishing attacks last year. The themes it assigned were…
Read More
Almost a million WordPress websites at risk from this security flaw — here’s what you need to know to keep your site safe
Almost a million WordPress websites were vulnerable to a flaw that allowed hackers to modify content on different pages. A report from Wordfence noted the vulnerability could lead to hackers altering sensitive data and potentially exploiting the website builder system. As per the report, the websites were vulnerable through a…
Read More
Malware-riddled Android apps spotted on Google Play Store — here’s what to avoid
Android users have become targets of a social engineering attack that aimed to steal sensitive data located on their smartphones and even keep tabs on them. A report from cybersecurity researchers at ESET claims to have recently found 12 malware-laden Android apps that carried malicious code and were used in…
Read More
US government tells federal agencies they have 48 hours to get rid of Ivanti VPN tech following breaches
US Government agencies using Ivanti Connect Secure and Ivanti Policy Secure have been told to disconnect these solutions immediately and not turn them back on until they’re absolutely certain they’ve been properly patched, and their networks disinfected from possible hacker incursions. This stark warning was issued by the Cybersecurity and…
Read More