Shopify confirmed the incident is not because of technical vulnerability and most of the customers are not affected. The company believes those rogue employees accessed around 200 customers’ records.
As revealed, a recent hacking attack, that possibly happened on September 20, 2020, has affected at least 500,000 Activision accounts. The attackers are changing users’ account details to avert any restoration of hacked accounts.
Dubbed 'Zerologon' (CVE-2020-1472) and discovered by Tom Tervoort of Secura, the privilege escalation vulnerability exists due to the insecure usage of AES-CFB8 encryption for Netlogon sessions, allowing remote attackers to establish a connection to the targeted domain controller over Netlogon Remote Protocol (MS-NRPC).
Team Wordfence has found numerous bugs affecting the Discount Rules for WooCommerce Plugin. As elaborated in their recent post, they found multiple stored Cross-Site Scripting (XSS) flaws leading to authorization bypass.
A serious bug exists in Firefox for Android browsers that allows hijacking other phones’ browsers connected on the WiFi. Upgrade your phones Firefox browsers at the earliest
Recently, ThreatFabric researchers released a report about their findings on Android banking trojan - BlackRock. First identified in May 2020, BlackRock can steal credentials and credit card information from a list of 337 financial, networking, communication, dating, and social apps.
The Azure apps were part of the group's 2020 attack routine, which Microsoft described as "particularly challenging" to detect due to its multi-stage infection process and the broad use of PowerShell payloads.
Security firm Group-IB says it identified a new cybercrime group that, for the past six months, has repeatedly and intentionally targeted Russian businesses with malware and ransomware attacks.
Law enforcement agencies around the world have arrested 179 people involved in buying and selling illicit goods and services on the dark web as part of a coordinated international take down operation involving agencies in nine countries – and police have warned cyber criminals that "the golden age of the dark web is over".
The Russian government is working on updating its technology laws so it can ban the use of modern internet protocols that can hinder its surveillance and censorship capabilities.