Fodcha DDoS Botnet Resurfaces with New Capabilities
The threat actor behind the Fodcha distributed denial-of-service (DDoS) botnet has resurfaced with new capabilities, researchers reveal.
This includes changes to its communication protocol and the ability to extort cryptocurrency payments in...
Tips for Choosing a Pentesting Company
In today's world of automated hacking systems, frequent data breaches and consumer protection regulations such as GDPR and PCI DSS, penetration testing is now an essential security requirement for organisations of...
Unofficial Patch Released for New Actively Exploited Windows MotW Vulnerability
An unofficial patch has been made available for an actively exploited security flaw in Microsoft Windows that makes it possible for files signed with malformed signatures to sneak past Mark-of-the-Web (MotW)...
Trick or treat? Stay so cyber‑safe it’s scary – not just on Halloween
Gather around, folks, to learn about some of the ghastliest tricks used by criminals online and how you can avoid security horrors this Halloween and beyond The post Trick or treat? Stay so cyber‑safe it’s scary – not just on Halloween appeared first on WeLiveSecurity
Samsung Galaxy Store Bug Could've Let Hackers Secretly Install Apps on Targeted Devices
A now-patched security flaw has been disclosed in the Galaxy Store app for Samsung devices that could potentially trigger remote command execution on affected phones.
The vulnerability, which affects Galaxy Store version...
GitHub Repojacking Bug Could've Allowed Attackers to Takeover Other Users' Repositories
Cloud-based repository hosting service GitHub has addressed a high-severity security flaw that could have been exploited to create malicious repositories and mount supply chain attacks.
The RepoJacking technique, disclosed by Checkmarx, entails a bypass...
Twilio Reveals Another Breach from the Same Hackers Behind the August Hack
Communication services provider Twilio this week disclosed that it experienced another "brief security incident" in June 2022 perpetrated by the same threat actor behind the August hack that resulted in unauthorized access of...
Courts vs. cybercrime – Week in security with Tony Anscombe
A look at a recent string of law enforcement actions directed against (in some cases suspected) perpetrators of various types of cybercrime The post Courts vs. cybercrime – Week in security with Tony Anscombe appeared first on WeLiveSecurity
High-Severity Flaws in Juniper Junos OS Affect Enterprise Networking Devices
Multiple high-severity security flaws have been disclosed as affecting Juniper Networks devices, some of which could be exploited to achieve code execution.
Chief among them is a remote pre-authenticated PHP archive file...
These Dropper Apps On Play Store Targeting Over 200 Banking and Cryptocurrency Wallets
Five malicious dropper Android apps with over 130,000 cumulative installations have been discovered on the Google Play Store distributing banking trojans like SharkBot and Vultur, which are capable of stealing financial data and performing...