Google Chrome Browser Update

Google has released a new stable version of its Internet surfing software equipped with a patch for a zero-day vulnerability reportedly being exploited in the wild. The flaw can allow an attacker to gain full access to the victim’s machine. If you are a Chrome user, it’s recommended that you update immediately. Google says it […]

Read More

What Is Credential Stuffing ?

Definition Credential Stuffing (also known as Attack Takeover – ATO); is an automated brute force hacking technique where an attacker uses scripts to try to gain access to a website/service/database, using data gathered from historic data breaches and custom built word lists. Hackers are continually searching for or buying login information with decrypted passwords from […]

Read More

Android 9 Brings Significant Security Advancements

With Android 9 (also called Android Pie), Google focused on aspects such as platform hardening, anti-exploitation, hardware-backed security, and user privacy, each with its own set of enhancements and new features. With Android 9 (also called Android Pie), the Internet search giant focused on aspects such as platform hardening, anti-exploitation, hardware-backed security, and user privacy, […]

Read More

New Office365 Phishing Attack

Heads Up everyone, signs are that there are new Microsoft Office365 phishing emails on the rise. The new form found by Xavier Mertens (SANS), pretends to be an email non-delivery report (NDR). Clicking on the link sends you to a phishing site where users are prompted to enter their Microsoft Office365 username and password. […]

Read More

Google Addresses Slow Android Security Update Cycle

Google has long been criticised for the long delays between Android upgrades. While iPhone users are merrily chowing down on regular OS updates, Android users have to wait for long intervals, with lower cost handsets never seeing an update at all during their lifespans. Google’s update framework, Project Treble, seeks to rectify this, and the […]

Read More

WordPress GDPR Plugin Compromised

Vulnerabilities in the popular WordPress GDPR Compliance plugin, which has over 100,000 active installations have been exploited compromising thousands of websites. The plugin is designed to help websites and online shops become compliant with the EU’s General Data Protection Regulation (GDPR). It supports plugins such as Contact Form, Gravity Forms, WordPress Comments, and WooCommerce. The vulnerability allows […]

Read More

GrayKey

Apple Blocks Police Hacking Your iPhone

Digital forensics company Grayshift markets its GrayKey hardware product to Law Enforcement Agencies, US Immigration and Customs Enforcement, the Secret Service and some UK police forces and other agencies around over the world – to enable them to retrieve data from Apple products. In March 2018 Grayshift (based in USA) promised police & governments that […]

Read More

“Android Nearby” To Cut Spam Notifications

Google has just announced that Android Nearby Notifications will no longer be sending spam messages to users after 6th December 2018. Google is shutting off Physical Web beacon notifications – meaning spammers and unscrupulous developers will not be spamming users based on their location – i.e. passing coffee stores, department store offers in shopping centers […]

Read More

android-malware

HeroRat – Android Malware

A new strain of Android malware has been discovered that exploits Telegram to communicate back to its masters converting the compromised device into part of a wider botnet. The malware runs on all Android versions: however, affected users need to accept permissions required by the app (sometimes including activating the app as device administrator), which […]

Read More

KRACK – All WPA2 Wifi Devices Can Be Hacked

With the KRACK vulnerability publicized this week, anyone who uses a Wi-Fi-enabled device may be at risk for sharing unencrypted traffic with potential attackers who bypass WPA2 network security. The WPA2 security protocol is used by routers and devices to encrypt people’s activity. Attackers who want to exploit the newly revealed weakness could steal sensitive data […]

Read More