Category Archives: Posts

Malware Attack via PowerPoint Files

Cybercriminals have been leveraging a new technique, which involves PowerPoint files and mouseover events, to get users to execute arbitrary code on their systems and download malware. They are crafting office files mainly word documents to deliver malware . These attacks typically rely on social engineering to trick the targeted user into enabling VBA macros embedded… Read More »

WordPress Fixes CSRF, XSS Bugs and Announced a Bug Bounty Program

WordPress has requested its webmasters to update their applications to the latest version of its content management system (CMS) to mitigate several issues, including a pair of cross-site scripting (XSS) bugs and a cross-site request forgery (CSRF) bug that’s existed for 10 months. The latest version for WordPress 4.7.5, was released on Tuesday. If users have have… Read More »

Massive Ransomware Attack Hits Several Computers in 99 Countries

Security researchers found a ransomware called “WannaCry” or “Wanna Decryptor” is a type of ransomware which spreads from machine to machine silently and remains invisible to users until it unveils itself, Which then warns users that all their files have been encrypted with a key known only to the attacker and that they will belocked… Read More »

“Font Wasn’t Found” Google Chrome Malware Scam

It’s a Trap! Users are getting a message to download a missing font to read the blog by updating the Chrome font pack…Just Don’t Download and Install It. It’s a Trap! Hackers and Scammers are targeting Google Chrome users with this hacking scam that’s incredibly easy to fall for, it is asking all users to… Read More »

Google Goes Public About Unpatched Windows Vulnerability

Google security engineers have once again made details of a vulnerability in Microsoft’s software public, before Microsoft has been able to roll out a patch. Windows users and system administrators around the world have become accustomed to Microsoft releasing important security patches for its wide variety of products on the second Tuesday of every month,… Read More »

Magento Stores – Self-Healing Malware Hitting

A new malware has discovered by security researchers  , It is targeting mostly on Magento stores, with capability of self-healing to restore itself after deletion. Self-healing malware isn’t new, with the first such threat reportedly spotted nearly three decades ago, as the memory-residing Trojan called Yankee Doodle, which could infect .com and .exe files. Discovered in September 1989,… Read More »

SMTP Strict Transport Security Coming Soon to GMAIL and Other WEBMAIL Providers

Gmail users can expect the introduction of SMTP Strict Transport Security to the email service some time this year, bringing a measure of security similar to certificate pinning to one of the world’s biggest webmail services. Head of Google’s anti-abuse research team: Elie Bursztein, said at RSA Conference that SMTP STS will be a major… Read More »

Android Malware Infects Router Via DNS Hijacking

Security researchers have disclosed a new Android Malware, It uses victims’ devices to infect WiFi routers and funnel any users of the network to malicious sites. The malware doesn’t target users directly – instead its goal is to facilitate further attacks by turning victims into accomplices. Security Researchers at Kaspersky Lab, who discovered the malware and dubbed… Read More »

Critical Flaw Reported on PHPMailer – Remote Code Execution

An independent research uncovered a critical vulnerability in PHPMailer that could potentially be used by (unauthenticated) remote attackers to achieve remote arbitrary code execution in the context of the web server user and remotely compromise the target web application. Millions of PHP websites and popular open source web applications, including WordPress, Drupal, 1CRM, SugarCRM, Yii,… Read More »

Hackers Demonstration for SQL Injection – In-Flight Entertainment System Can Hacked

Hackers demonstrate SQL injection vulnerability in a in-flight entertainment system. It is being used by the leading airlines, including Emirates, United, American Airlines, Virgin, and Qatar, could let hackers hijack several flight systems and even take control of the plane. Security researchers explained in IOActive, the security vulnerabilities resides in the Panasonic Avionics In-Flight Entertainment (IFE) system used… Read More »