featured story NXNSAttack: Latest DNS Vulnerability Allows Amplified DDoS Attacks Isreali Researchers have discovered a new DNS vulnerability ‘NXNSAttack’ that can be exploited for DDoS attacks amplified upto 1620x. Learn what is NXNS Attack and how you can fix it. 21 May 2020 • 4 min read Read post
vulnerability Microsoft Releases Emergency Windows Updates for 2 RCE Bugs Microsoft urgently released 2 out-of-band software updates for Windows 10 and Windows Server 2019 editions. Find out more about the remote code execution vulnerabilities. Mishka Grey 2 Jul 2020 • 2 min read
ios How TIKTOK & Other Chinese Apps Are Stealing Your Data Chinese Apps banned over privacy and security concerns. In related news, iOS 14 revealed 50+ Data Stealing Apps including TikTok. Let’s learn how these malicious apps are/ were impacting you. Mishka Grey 30 Jun 2020 • 5 min read
crime Hackers Are Now Stealing Credit Card Information from Favicon Image’s EXIF Metadata Another Magecart attack alert – Your ecommerce store's favicon image might be compromised with skimmer script embedded in its EXIF metadata. Mishka Grey 26 Jun 2020 • 3 min read
vulnerability High Severity NVIDIA Vulnerabilities Affect Windows and Linux Drivers NVIDIA Drivers Vulnerability exploit Window and Linux machines. Upto 12 high severity bugs found. Learn how these can affect you, and NVIDIA drivers patch and fixes. Mishka Grey 25 Jun 2020 • 4 min read
Google Hackers Exploit Google Analytics to Steal Credit Card Details; Bypassing CSP; Magecart Attack Cyber criminals are using Google Analytics application and servers to steal credit card data and information through infected E-commerce stores. Mishka Grey 24 Jun 2020 • 4 min read
vulnerability Zero-Day Ripple20 Vulnerability Puts Millions of IoT Devices at Risk A total of 19 Ripple20 vulnerabilities disclosed that are exploiting the TCP/IP library in many IoT devices, affecting enterprise level equipment across industries like data centers and others. Mishka Grey 17 Jun 2020 • 5 min read
vulnerability Latest SGAxe & CrossTalk Attacks Leak Sensitive Data and Expose New Intel SGX Vulnerability New Intel SGX vulnerability - SGAxe and CrossTalk Attacks are extracting sensitive data from the CPU core. Learn how these exploits work and how to fix them. Mishka Grey 12 Jun 2020 • 4 min read
malware Beware: A ‘Black Lives Matter’ Phishing Email Scam is Spreading TrickBot Malware A Fake Black Lives Matter Voting Email Campaign is going viral, and tricking people with a dangerous malware that can steal your private data. Learn how to avoid this Black Lives Matter petition scam. Mishka Grey 11 Jun 2020 • 3 min read
vulnerability SMBleed with SMBGhost: Latest Windows SMB Protocol Vulnerability SMBleedingGhost A new found SMB protocol vulnerability, SMBleed, when combined with SMBGhost vulnerability allows attackers to gain RCE control over the SMB server or client. Learn how SMBleedingGhost works. Mishka Grey 10 Jun 2020 • 3 min read
Android A Cryptic Wallpaper is Crashing Android Phones: Science Behind the Android Phone Wallpaper Bug Cautionary Advice: DO NOT set this image as your Android Phone Wallpaper. This Sunset, Lake, Mountains, Clouds Wallpaper Image is causing Android Phones to soft-brick. Mishka Grey 9 Jun 2020 • 3 min read
vulnerability ‘VMware’ Cloud Director Vulnerability Allows 100% Takeover of Corporate Server Infrastructures Latest vCloud Director vulnerability provides RCE (remote code execution) privilege to hackers. Learn how this was made possible and if we have a vCloud Director fix yet. Mishka Grey 5 Jun 2020 • 3 min read
vulnerability Latest Zoom Security Issues: 2 Critical Zoom Vulnerabilities Allows Hackers to Access your PC via a Message Latest Zoom Vulnerability 2020 June introduces 2 critical flaws that allow hackers remote code execution (RCE) through the Zoom chat feature. Learn how it works without any user interaction and what is this Zoom Vulnerability fix. Mishka Grey 4 Jun 2020 • 3 min read
Data-Breach ‘BHIM’ App Data Leak Exposes 7M Indian Users Sensitive Data – Risk of Financial Fraud, Identity Theft Mishka Grey 3 Jun 2020 • 5 min read
Data-Breach REvil Hacker Group Strikes Again: ‘Vierra Magen Marcus’ and ‘Elexon’ Data Leak Mishka Grey 1 Jun 2020 • 3 min read
vulnerability High Severity PageLayer Plugin Vulnerability Exposes 200K WordPress Sites to Wipe Attacks Mishka Grey 29 May 2020 • 3 min read
Data-Breach Truecaller Data Breach: 47.5 Million Users’ Personal Data for Sale on Dark Web Mishka Grey 28 May 2020 • 3 min read
vulnerability StrandHogg 2.0: Critical Android Bug Affects 1 Billion Smartphones; Allows App Hijacking StrandHogg 2.0 malware exploits Android phones by allowing a malicious app to hide behind a legitimate app to trick the user. Thus, enabling threat actors to steal sensitive user information. Let’s learn more about the StrandHogg vulnerability. Mishka Grey 27 May 2020 • 3 min read
vulnerability Unc0ver 5.0.1 Released: Latest iPhone Jailbreak Software Unlocks All Recent Versions [iOS Zero-Day Vulnerability] One of the best iPhone Jailbreak tools – Unc0ver has just released its latest and most effective version 5.0.0. It works on all latest versions including iOS 11 to the current iOS 13.5, because of a zero-day vulnerability. Learn how you can jailbreak using Unc0ver software. Mishka Grey 26 May 2020 • 3 min read