XSS vulnerability affects government websites

An undisclosed Cross-Site Scripting (XSS) vulnerability in Apache Velocity Tools can be exploited by unauthenticated attackers to target government sites, including NASA, BleepingComputer reported today. Although 90 days have elapsed since the vulnerability was reported and patched, BleepingComputer is not aware of a formal disclosure made by the project.Security researcher Jackson…

Ethics Officer Facing Cyberstalking Charge

Julie Meadows-Keef has been arrested and charged with cyberstalking her coworker and ex-partner. Meadows-Keef has been banned from using the internet. However this excludes the use for work, paying her bills and legal defence. Following a messy divorce, restraining orders, a falsely filed sexual complaint by Meadows-Keef against Fletcher (which…

Classiscam: Fake Ads hit European Market

A scam, known as Classiscam, is leading users to fraudulent merchant sites or phishing pages using fake tailored advertisements. The Cybercriminals use brands that are extremely popular in Europe including, LeBoinCoin, Allegro, OLX, Sbazar, FAN. Courier, Lalafo, Kufar and DHL. Anyone tricked by the scam falls victim to payment data…

Elon Musk giveaway scam spreads throughout Twitter

Malicious actors have hacked a number of Twitter accounts, including verified accounts, in an Elon Musk giveaway scam. Security researches MalwareHunterTeam have seen an increase in the number of verified Twitter accounts being hacked by a scam which claims that Elon Musk is giving away cryptocurrency. Accounts are compromised by…

150,000 police arrest records lost

Priti Patel, the UK home secretary, is under fire after 150,000 police arrest records were accidentally lost from a police database last week. The lost files include DNA, arrest history records and fingerprints. As these files are now lost from the Police National Computer (PNC), essential evidence from crime scenes…

‘Anyone Else’s Skype not Working?’

Yesterday, January 13th, users worldwide were reporting issues with the popular video chat platform. Users were automatically signed out and when attempting to log back onto their accounts they all received the same message: “We’re unable to complete your request”. Microsoft acknowledged the issues and began working on restoring access.…

German Investigators shut down DarkMarket

On Tuesday, German authorities announced the shut down of an illegal marketplace found on the darknet. Among the products sold on the network, known as DarkMarket, were drugs, forged money, stolen or forged credit cards, anonymous mobile phone SIM cards and malware. Prosecutors stated that the large network had nearly…

Hackers bypassed the US Cybersecurity Agency’s MFA

Today the US Cybersecurity and Infrastructure Security Agency (CISA) have revealed that malicious actors accessed their cloud service accounts by bypassing their multi-factor authentication (MFA) protocols. The attackers had tried multiple times to breach the CISA systems using brute force attacks, and it is through that they finally defeated the…

Warning of COVID-19 QR code scams

QR codes are being increasingly used by businesses and venues in order to register customers to help track COVID-19 cases. As we see a rise in QR code usage, we are also seeing a rise in the number of QR code scams. Avast security is warning that individuals and businesses…

Pfizer COVID-19 Vaccine Data Leaked Online

Following a data breach in December, the European Medicines Agency (EMA) today revealed, that data concerning the Pfizer/BioNTech COVID-19 vaccine, has been leaked online. Fortunately, the EMA has stated that the regulatory network remains fully functional and that any COVID-19 evaluation and approval timelines have not been affected by the…

Potential Link between SolarWinds and Turla APT

Researchers at Kaspersky have recently discovered considerable similarities between the Sunburst and Kazuar backdoors. The similarities potentially link the Sunburst backdoors, used in the SolarWinds supply-chain attack, to a previously known Turla weapon. Kazuar, a malware written using the .NET framework, was first reported in 2017. These have been used…
1 2 3 18