Stay safe online - 2022-07-04

HackerOne employee stole bug reports for selling them on the side

Employee stole reports from bug bounty platform to disclose them to customers and claim rewards. More

Amazon patched high-severity vulnerability in the Android Photos app

Android Photos App exploitable flaw silently fixed by Amazon. More

OpenSea has to report a major breach and customer email data leak

NFT giant suffers a massive leak of users' email addresses. More
News Security   June 30, 2022  

A multistage ZuoRAT has been targeting a wide range of SOHO routers

New unusual malware targets home-office routers to spy on networks. More
News Security   June 29, 2022  

Revive Android trojan impersonates BBVA bank 2FA application

The banking trojan targets users of Spanish Financial services posing as a two-factor authentication app. More
News Viruses and parasites   June 28, 2022  

LGBTQ+ community warned by FTC: extortionists abuse dating apps

Extortion scammers target the LGBTQ+ community on Feeld and Grindr dating applications. More
News Security   June 27, 2022  

Russian hackers use Cobalt Strike and CredoMap malware against Ukraine

Stat-backed attackers hit Ukraine with phishing campaigns spreading malware. More
News Security   June 23, 2022  

Magecart attacks becoming more stealthy: ongoing campaign report

Newly discovered attacks show the bigger scale of the Magecart infrastructure campaign. More
News Security   June 22, 2022  

New NTLM relay attack: threat actor can control the Windows domain

The attack named DFSCoerce leverages the Distributed File System to seize control of the domain. More
News Security   June 21, 2022  

Malicious spam campaigns deliver Matanbuchus malware and Cobalt Strike

New phishing attack infects machines and spreads Cobalt Strike on devices. More
News Viruses and parasites   June 20, 2022  

Sophos Firewall zero-day flaw was already exploited by hackers

Chinese hackers targeted South Asian Entity weeks before the Sophos zero-day bug got fixed. More

Microsoft Office 365 feature can be used by ransomware developers

Ransomware attacks can involve cloud files if attackers hijack the Office 365 accounts. More

A new side-channel attack Hertzbleed affects Intel and AMD CPUs

The new attack allows the remote attackers to steal full cryptographic keys. More

Kaiser Permanente data breach: data about 70 thousand people exposed

Medical and personal data of people exposed in the data breach that happened in April. More
News Security   June 14, 2022  

Hello XD ransomware new tactics: drops the backdoor while encrypting

Researchers reveal new tactics of the Hello XD ransomware on Windows and Linux systems. More
News Viruses and parasites   June 13, 2022