Latest News

2019/12/20

Phishers are using “black SEO” to lure users in to malicious downloads masquerading as the latest Star Wars movie.

Whenever the internet lights up in anticipation of anything, there are fraudsters and scammers waiting in the wings to take advantage of it. This week’s premiere of Star Wars: The Rise of Skywalker is no exception, with cybercriminals eyeing one of the world’s most beloved franchises as rich fodder for phishing attempts.

Researchers at Kaspersky ran a scan of the web this week and have found more than 30 phishing sites and malicious social-media profiles disguised as official movie accounts. The actual number of these kinds of sites, of course, could be much higher
2019/12/20

267M Facebook Users’ Phone Numbers Exposed Online

A database exposing the names, phone numbers and Facebook user IDs of millions of platform users was left unsecured on the web for nearly two weeks before it was removed.

Security researcher Bob Diachenko, who along with Comparitech discovered the unsecured Elasticsearch database, believe it belongs to a cybercriminal organization, as opposed to Facebook. Diachenko went to the internet service provider (ISP) managing the IP address of the server so that the access could be removed.

“A database this big is likely to be used for phishing and spam, particularly via SMS,” according to the Thursday report. “Facebook users should be on the lookout for suspicious text messages. Even if the sender knows your name or some basic information about you, be skeptical of any unsolicited messages.”
2019/12/18

Privilege Escalation Flaws Found in Preinstalled Acer, ASUS Software

Vulnerabilities discovered in Acer and ASUS software preinstalled on most PCs from these companies could lead to privilege escalation and the execution of arbitrary payloads, SafeBreach warns.

The first bug impacts Acer Quick Access, an application that allows users to toggle wireless devices on or off, to modify power-off USB charge settings and network sharing options, and more.

The issue, SafeBreach explains, is that part of the software runs with SYSTEM privileges, and it unsafely attempts to load three missing DLL files. An attacker with administrator privileges can plant malicious versions of these missing files and they would get executed with elevated permissions.
2019/12/18

This Bug Could Have Let Anyone Crash WhatsApp Of All Group Members

WhatsApp, the world's most popular end-to-end encrypted messaging application, patched an incredibly frustrating software bug that could have allowed a malicious group member to crash the messaging app for all members of the same group, The Hacker News learned.
Just by sending a maliciously crafted message to a targeted group, an attacker can trigger a fully-destructive WhatsApp crash-loop, forcing all group members to completely uninstall the app, reinstall it, and remove the group to regain normal function.
2019/12/16

Visa warns against new POS attacks, Fin8 fingered as the culprit

Visa has identified three separate attacks that began last summer targeting gas station and hospitality merchant’s point of sale systems with the cybergang Fin8 being considered the likely perpetrator.

The credit card company’s Payment Fraud Disruption department found that two unnamed “fuel dispenser merchants” and a North American company in the hospitality field were infiltrated, injected with malware that was used to either directly or indirectly steal payment card data.