• Hackers compromised APKPure client to distribute infected Apps
    by Pierluigi Paganini on April 10, 2021 at 5:50 pm

    APKPure, one of the largest alternative app stores, was the victim of a supply chain attack, threat actors compromised client version 3.17.18 to deliver malware. Multiple security experts discovered threat actors tampered with the APKPure client version 3.17.18 of the popular alternative third-party Android app store. APKPure is available only on devices that use Google The post Hackers compromised APKPure client to distribute infected Apps appeared first on Security Affairs.

  • Crooks abuse website contact forms to deliver IcedID malware
    by Pierluigi Paganini on April 10, 2021 at 3:08 pm

    Microsoft researchers spotted a malware campaign abusing contact forms on legitimate websites to deliver the IcedID malware. Security experts from Microsoft have uncovered a malware campaign abusing contact forms on legitimate websites to deliver the IcedID malware. Threat actors behind the operation are using contact forms published on websites to deliver malicious links to enterprises The post Crooks abuse website contact forms to deliver IcedID malware appeared first on Security Affairs.

  • This man was planning to kill 70% of Internet in a bomb attack against AWS
    by Pierluigi Paganini on April 10, 2021 at 11:46 am

    The FBI arrested a man for allegedly planning a bomb attack against Amazon Web Services (AWS) to kill about 70% of the internet. The FBI arrested Seth Aaron Pendley (28), from Texas, for allegedly planning to launch a bomb attack against Amazon Web Services (AWS) data center on Smith Switch Road in Ashburn, Virginia. The The post This man was planning to kill 70% of Internet in a bomb attack against AWS appeared first on Security Affairs.

  • Zerodium will pay $300K for WordPress RCE exploits
    by Pierluigi Paganini on April 9, 2021 at 9:33 pm

    Zero-day broker Zerodium announced that will triples payouts for remote code execution exploits for the popular WordPress content management system. Zero-day broker Zerodium has tripled the payouts for exploits for the WordPress content management system that could be used to achieve remote code execution. Zerodium announced via Twitter that is temporarily offering a $300,000 payout The post Zerodium will pay $300K for WordPress RCE exploits appeared first on Security Affairs.

  • Cisco will not release updates to fix critical RCE flaw in EoF Business Routers
    by Pierluigi Paganini on April 9, 2021 at 5:55 pm

    Cisco announced it will not release security updates to address a critical security vulnerability affecting some of its Small Business routers. Cisco is urging customers that are using some of its Small Business routers to replace their devices because they will no longer receive security updates. According a security advisory published by the company, Cisco The post Cisco will not release updates to fix critical RCE flaw in EoF Business Routers appeared first on Security Affairs.

  • Facebook Removes 16k Groups for Trading Fake Reviews
    on April 9, 2021 at 5:52 pm

    Double intervention by UK watchdog prompts Facebook to axe groups trading in fake reviews

  • US Jails Cyber-stalker Who Targeted Attack Survivor
    on April 9, 2021 at 3:51 pm

    Florida man who cyberstalked survivor of murder attempt is sent to prison

  • LifeLabs Launches Vulnerability Disclosure Program
    on April 9, 2021 at 3:04 pm

    Canadian medical laboratory teams up with Bugcrowd to boost cybersecurity

  • Pwn2Own 2021: participants earned $1,2M of the $1.5M prize pool
    by Pierluigi Paganini on April 9, 2021 at 2:12 pm

    The Pwn2Own 2021 hacking competition was concluded, participants earned more than $1.2 million, the greatest total payout ever. The Pwn2Own 2021 hacking competition reached the end, participants earned more than $1.2 million which is more than ever paid out at this contest. White hat hackers demonstrated exploits for Safari, Chrome, Edge, Windows 10, Ubuntu, Microsoft The post Pwn2Own 2021: participants earned $1,2M of the $1.5M prize pool appeared first on Security Affairs.

  • NCSC: Large Number of Brits Are Using Easily Guessable Passwords
    on April 9, 2021 at 2:00 pm

    The survey found 15% of Brits use their pet's name as a password