Zoom Bombing: The Zoom attack that work from home people should be prudent of As all of us were advised by our governments to stay indoors to prevent and lessen the growing number of COVID-19 infections, work and learn at home is the best strategy to exercise social distancing measures and avoid getting infected. Zoom has...Continue Reading
In response to the COVID19 virus, governments around the world have placed strict policies on their citizens, restricting non-essential gatherings and movements, including non-essential office-based work. Now that much of the world’s workforce is now working from home – messaging, video, chat conference applications have been widely adopted and their business use is now commonplace....Continue Reading
Security experts discovered two serious vulnerabilities in the iLnkP2P P2P system that ìs developed by Chinese firm Shenzhen Yunni Technology Company, Inc. The iLnkP2P system allows users to remotely connect to their IoT devices using a mobile phone or a PC. Potentially affected IoT devices include cameras and smart doorbells. The iLnkP2P is widely adopted...Continue Reading
Qualcomm chipsets are generally the processor of choice for many smartphone users, owing to the firm’s powerful graphics hardware and developer-friendly nature. It’s not immune to chipset vulnerability flaws though, and its latest vulnerability is a big one. Security researchers discovered the flaw last year, allowing cyber-criminals to gain private data and security keys in...Continue Reading
A cyber security research team has identified a vulnerability in the protection of top mobile web browsers. Shockingly, mobile Chrome, Safari, and Firefox failed to show any blacklist warnings between mid-2017 and late 2018 despite the presence of security settings that implied blacklist protection. However, this issue only affects mobile browsers that use Google Safe...Continue Reading
Security researchers discovered a security vulnerability in Oracle WebLogic Server, a component of Oracle Fusion Middleware, and found to be actively exploited by cybercriminals to install cryptocurrency miners. This malware which was used in the attack hid in certificate files to avoid malware detection and later dropped miners for cryptocurrency known as Monero Miner. Tracked...Continue Reading
With each passing day, cases of WordPress infection that redirects visitors to suspicious pages is getting common. Recently, a vulnerability was discovered in tagDiv Themes and Ultimate Member Plugins. In this WordPress redirect hack visitors to your website are redirected to phishing or malicious pages. In this hack, users, when redirected, are taken to irritating...Continue Reading
A group of attackers are actively exploiting a critical vulnerability in Atlassian’s Confluence collaboration software to inject trojans and infect servers with the GandCrab ransomware. Confluence is a Java-based web application that provides a shared wiki-type workspace for enterprise employees and is used by tens of thousands of companies worldwide. The vulnerability, tracked as CVE-2019-3396,...Continue Reading
An address bar vulnerability with the latest versions of UC Browser and UC Browser Mini exposes millions of users to Phishing Attacks. The vulnerability was discovered by a cyber-security researcher, which allows an attacker to pose his phishing domain as the targeted site. According to the researcher, the UC Browser phishing vulnerability exists only...Continue Reading
Analysis of new malware samples used by the Rocke group for cryptojacking reveals code that uninstalls from Linux servers multiple cloud security and monitoring products developed by Tencent Cloud and Alibaba Cloud. Rocke’s goal is to compromise Linux machines and use them to mine for Monero cryptocurrency. They exploit several vulnerabilities in Apache Struts...Continue Reading
