A new set of malicious Android apps have been caught posing as app security scanners on the official Play Store to distribute a backdoor capable of gathering sensitive information. “These malicious apps urge users to update Chrome, WhatsApp, or a PDF reader, yet instead of updating the app in question, they take full control of […]
Someone is selling account information for 21 million customers of ParkMobile, a mobile parking app that’s popular in North America. The stolen data includes customer email addresses, dates of birth, phone numbers, license plate numbers, hashed passwords and mailing addresses.
This year’s high-level cyber security Exercise Locked Shields is the largest of its kind, organizers, the Tallinn-based NATO Cooperative Cyber Defense Center of Excellence (CCDCOE), have announced. Under a new format for 2021, this year’s event will be the largest global live-fire cyber defense exercise worldwide, the CCDCOE says, and will aim to highlight the […]
Vulnerability detected (CVE-2021-21193) on Chromium Blink Engine that allows malicious users to execute arbitrary code, gain unauthorized access, access sensitive information, or deny service (denial -of-service). Microsoft and Google have published the following versions to patch these exploited vulnerabilities: • Edge Chromium 89.0.774.54 • Google Chrome 89.0.4389.90 More information can be found at https://securityaffairs.co/wordpress/115600/security/google-chrome-0-day.html Source: […]
Abnormal activity on Microsoft Exchange servers was detected in January 2021. In particular, an attacker exploiting a manually compromised vulnerability (SSRF) on Microsoft Exchange servers (CVE-2021-26855) could steal the full contents of a single user mailbox. This vulnerability can be exploited remotely and does not require authentication of any kind, nor does it require special […]