Android devices hijacked by Chinese company for guaranteed Clicks around the world

A mobile app development company has been identified as the perpetrator of distributing malicious applications globally and hacking the Android phones of users on whose devices these apps are installed. The apps grant complete access to the Android devices of the users and the attackers can gain total control over these devices. These malware apps […]
Share Button
Continue reading →

Lenovo Customer Feedback Program 64 – Lenovo’s pre installed spyware caught for the 3rd time.

(Image: Lenovo.com) Twice before Lenovo has been caught spying on the users and this is the third time that the company has been found doing the same. Computerworld’s Michael Horowitz has discovered a software installed on Lenovo’s computers. The application is called “Lenovo Customer Feedback Program 64” and its primary function is gathering feedback information […]
Share Button
Continue reading →

U.S. Government OPS Breach: 5.6 million fingerprints of Federal workers were stolen

The Office of Personnel Management and the Department of Defense are analyzing a data breach which has resulted in stealing of around 5.6 million fingerprint records of federal workers. Initial reports put the number at 4.5 million, however the latest report released on Wednesday 23rd September suggests that the number is as high as 5.6 […]
Share Button
Continue reading →

Western Digital My Cloud NAS can be hijacked using Command Injection and CSRF – VerSprite

WD My Cloud or Western Digital My Cloud is an efficient Network Attached Storage system. The objective of the WD My Cloud NAS is to provide a cloud storage system for private applications such as home based cloud storage or a small business storage. The data on this private cloud can be accessed by the […]
Share Button
Continue reading →

Google Chrome can be crashed with 16 characters

If you use Google Chrome 45 or any of the older versions, it can crash by simply typing a 16 character URL. The bug was first detected by Andris Atteka who reported it to Google, but he was not rewarded since it is not a security issue but a DOS vulnerability. The issue reported by […]
Share Button
Continue reading →

XcodeGhost malware infects Apple’s App Store infecting 100’s of apps,scares security experts

A malware has always been a major threat to devices, data and user accounts; but the threat increase manifold when a malware is more subtle and deep rooted like the one in an app creation tool! Such threats are real and already exist. XcodeGhost is an example of such malware. The counterfeit Xcode, termed as […]
Share Button
Continue reading →

Elevation of Privilege Vulnerability Could Bypass “Screen Lock” Of Android 5.0 (CVE-2015-3860)

UT Austin ISO (Information Security Office) has detected a bug in Android 5.x that allows hackers to bypass the locked screen of the phone and access the home screen or other functions of the phone. For the purpose of the attack however the attacker must have physical access to the phone and the screen should […]
Share Button
Continue reading →

Apple’s AirDrop flaw leaves users vulnerable to exploit

Mark Dowd, the head of Australia based Azimuth security has stated that there is a vulnerability in AirDrop, the file sharing service of Apple which allows unauthorized access to the device that can be used for the installation of malware. A user with an AirDrop configuration allowing file sharing with anyone and not merely their […]
Share Button
Continue reading →

SUCEFUL – A new Malware capable of copying data from ATM cards

A new kind of malware named SUCEFUL capable of stealing information from ATM cards and capable of retaining them in the ATM machines has been detected by FireEye Labs. The malware has been uploaded on VirusTotal and the researchers at FireEyes Labs traced it as Backdoor.ATM.Suceful. It seems that the name of the virus is […]
Share Button
Continue reading →

Blue Termite – An APT with sophisticated Cyber Espionage campaign targeting Japan

An Advanced Persistent Threat termed Blue Termite has targeted several Japanese companies since November 2013. Antivirus major Kaspersky Lab started working on the APT in the month of October 2014. Although the instance is not unprecedented, it is the first time that an APT has targeted Japanese companies that have their Client to Server (C2S) […]
Share Button
Continue reading →