Malicious Ledger Live extension for Chrome steals Ledger wallet data
Harry Denley, Director of Security in MyCrypto discovered the malicious Ledger Live extension for Chrome, which is actively advertised on Google and stealing Ledger wallet data. It masks itself as…
Chinese coronavirus detection app transmits data to the police
Last month, Chinese authorities released the Alipay Health Code coronavirus detection application, which allowed users checking whether they need to be quarantined due to contact with people infected with coronavirus.…
Cyberattack with the use of ransomware forced Epiq Global to shut down its systems
Epiq Global, a large international law firm, has become the victim of a cyberattack with the use of ransomware. The company has shut down systems in 80 of its offices…
Vulnerability in OAuth Protocol Allows Hacking Any Facebook Account
The vulnerability is contained in the Facebook login feature, which uses the OAuth 2.0 authorization protocol. Security researcher Amol Baikar discovered a critical vulnerability in the Facebook social network OAuth…
Hackers scan network for vulnerable Microsoft Exchange servers
Information security experts warn that hackers are already scanning the network for Microsoft Exchange servers that are vulnerable to CVE-2020-0688, which Microsoft developers fixed two weeks ago. The problem is…
Kr00k Wi-Fi-chips vulnerability affects over a billion devices
At the RSA 2020 conference, ESET specialists spoke about the new Kr00k vulnerability (CVE-2019-15126) that can be used to intercept and decrypt Wi-Fi traffic (WPA2). Researchers believe that the Kr00k…
Almost three quarters of modern phishing sites use SSL
Anti-Phishing Working Group (APWG) experts in their new report on this cyber threat analyzed modern phishing techniques. They found out that almost three quarters of modern phishing sites use SSL…
IMP4GT Vulnerability in LTE Threatens Almost All Modern Smartphones
Experts from Ruhr University reported an IMP4GT (IMPersonation Attacks in 4G NeTworks) problem. Modern LTE-enabled devices are vulnerable to IMP4GT, therefore, it threatens almost all smartphones, tablets, and IoT devices.…
Google Search Indexes WhatsApp Private Groups
Google search engine indexes invitations to WhatsApp groups (including links to private groups), which makes them visible and accessible to any user who wants to join the group. The journalist…
Number of linked with WhatsApp phishing URLs increased by 13 467%
According to Vade Secure's report, the number of phishing URLs related to Facebook grew by 358,8%, and WhatsApp, by 13467%. Vade Secure published a report on phishing threats in the…
FSF sent Microsoft developers an empty HDD for Windows 7 sources
The Free Software Foundation (FSF) sent Microsoft developers an empty HDD, asking company to write the Windows 7 source code. At the end of January 2020, in connection with the…
Samsung amends Android kernel that impair security
Jann Horn, Google Project Zero Specialist, studied the Android kernel, supplied by Samsung with its Galaxy A50 phones, and stated that the security mechanisms added by Samsung engineers to the…
