Cybersecurity News

Top Software Testing Services

Top 10 Cybersecurity Stories That Made Headlines In 2020

The rapid spread of the coronavirus has activated an equal shift towards a remote workforce among several organizations all over the world, which also led to the adaptation of new technologies and new processes and this has increased the security issues. The weakening of security issues led to an increased number of cyber-attacks and data…
Read more

Fresh Card Skimmer Found On Shopify, Zencart, BigCommerce, and Woocommerce Stores

Security experts have discovered a payment card skimmer that bad actors could use to steal the payment credentials by using a duplicate fake payment form with a key logger and showing an error message on receiving the credentials on Shopify, BigCommerce, Zencart, and Woocommerce powered stores. Till this time, the new card skimmer software has…
Read more

US And Canadian Banking Customers Being Targeted By AutoHotKey-Based Credential Stealer

An ongoing campaign initiated in the early 2020s was discovered with bad actors that were distributing a new credential or password stealer which was written in AutoHotKey (AHK) scripting language. AutoHotKey is built and aimed at serving easy shortcut keys for macro-creation and software automation that could allow users of Windows to repeat and automate…
Read more

Windows 0-Day Bug, Poorly Patched, Now Unpatched, Reveals Google

A public disclosure of poorly patched security vulnerability in Windows print spooler API was made by Google’s Project Zero Team. This bug could be taken advantage of by attackers or hackers to perform arbitrary code execution. The bug was disclosed to Microsoft in December 2019 by an unidentified user working with Trend Micro’s Zero Day…
Read more

Hackers Could Have Accessed Your Private Documents By A Bug In Google Docs

Google Docs is a free web-based application in which anyone can create, modify and manipulate documents online by having an Internet connection and a full-featured browser. Google has a feedback tool across all its services and a bug was discovered in that tool earlier this year. The bug could have let the attackers gain access…
Read more

Malicious Browser Extensions Discovered by Kaspersky Lab and Yandex

A ruinous code was detected in the browser extensions by Kaspersky Lab and Yandex. It is considered that the attackers could have gained access to the accounts in the social networks and would have used them to elevate views on videos around various websites. The malicious code was possibly capable of pulling a lot more…
Read more

21 WeLeakInfo Users Get Arrested By UK Police For Buying Breached Personal Data

The U.K. police arrests 21 people who were the customers of a website named WeLeakInfo, which is now inoperative since the arrest. It is said that the website was set to sell personal data, that was breached/hacked from various sites. The arrest was the part of a cyber crackdown that went nationwide. The U.K. NCA…
Read more

SolarWinds Supply Chain Attack Using Malware and Backdooring

Earlier this year, some foreign hackers (believed to be the from Russian intelligence SVR) somehow hacked into the systems of SolarWinds and were able to code a spyware in the company’s one of the most common and widely used software – Orion.

2FA Bypass Flaw Reported in cPanel and WHM Software

Security researchers from Digital Defense have found a significant security problem in cPanel, a common software suite that facilitates the management of a web hosting server. Attackers could exploit the flaw to bypass two-factor authentication (2FA) for cPanel accounts and manage the associated websites and conduct a brute force attack to infiltrate user accounts. Such…
Read more

Lazarus abuses authentic security feature in a supply-chain attack

Lazarus, also known as Hidden Cobra, is an umbrella term for select threat groups- including offshoot entities – suspected of being tied to North Korea. Thought to be responsible for Sony’s infamous 2014 hack, Lazarus has also been connected to hacks using zero-day vulnerabilities, LinkedIn phishing messages, and the deployment of Trojans in campaigns including Dacls and Trickbot. ESET researchers…
Read more