What Is A Dictionary Attack ? Here’s How Can You Can Prevent It
A dictionary attack is a method of breaking into a password-protected computer or server by systematically entering every word in a dictionary as a password. A dictionary attack can also be used in an attempt to find the key necessary to decrypt an encrypted message or document. A dictionary…
Over 300K Spotify Accounts Hacked In Credential Stuffing Attack
VPNMentor’s research team has discovered a possible credential stuffing operation whose origins are unknown, but that affected some online users who also have Spotify accounts. Credential stuffing is a hacking technique that takes advantage of weak passwords that consumers use — and often re-use — online….
TikTok Patches Reflected XSS Bug, One-Click Account Takeover Exploit
TikTok has patched a reflected XSS security flaw and a bug leading to account takeover impacting the firm’s web domain. Reported via the bug bounty platform HackerOne by researcher Muhammed “milly” Taskiran, the first vulnerability relates to a URL parameter on the tiktok.com domain which was not…
Manchester United Football Club Discloses Cyber Security Breach
European football club Manchester United disclosed on late Friday a cyber-security incident that impacted its internal systems. The football club said it’s still investigating the incident and couldn’t say if the breach allowed the intruders to access data associated with fans or store customers. While…
Top 4 Best Anonymous Email Providers
There are many email providers that offer secure email services. However, not all of them shield your identity. Some will only encrypt the content of your emails, so be sure to check whether it hides your IP address, whether it asks for your personal information…
Microsoft : Cybercriminals Are Targeting Covid-19 Vaccine Makers
Microsoft has detected cyberattacks from three nation-state actors targeting seven prominent companies directly involved in researching vaccines and treatments for Covid-19. The targets include leading pharmaceutical companies and vaccine researchers in Canada, France, India, South Korea and the United States. The attacks came from Strontium,…
Stock Photo Site 123RF Has Suffered A Massive Data Breach | 8.3 Million User Records Exposed !
Popular stock photo site 123RF has suffered a massive data breach. Cybercriminal began selling database containing 8.3 million user records on a Darkweb. The stolen data includes a 123RF members’ full name, email address, MD5 hashed passwords, company name, phone number, address, PayPal email if…
Ransomware Group Turns To Facebook Ads
A ransomware group has started using hacked Facebook accounts to run ads publicly pressuring their ransomware victims into paying up, krebsonsecurity reports. On the evening of Monday, Nov. 9, an ad campaign apparently taken out by the Ragnar Locker Team began appearing on Facebook. The ad was designed to…
5.8 Million RedDoorz User Records For Sale On Dark Web
Singapore-based hotel management & booking platform Reddoorz suffers a massive data breach. A hacker is selling a RedDoorz database containing 5.8 million user records on a dark web. As part of the sale, the threat actor shared a database sample, including the table structure and…
Critical Bugs Found On ‘Ultimate Member’ Plugin | UPDATE IMMEDIATELY !
Wordfence’s Threat Intelligence team disclosed several vulnerabilities in Ultimate Member, a WordPress plugin installed on over 100,000 sites. These flaws made it possible for attackers to escalate their privileges to those of an administrator and take over a WordPress site. Ultimate Member is an extensible WordPress…
The EU May Be Looking Into Breaking End-To-End Encrypted Chats
In the EU Council of Ministers, a resolution was made ready within five days, obliging platform operators such as WhatsApp, Signal and Co. to create master keys for monitoring E2E-encrypted chats and messages, the ORF (Austrian Broadcasting Corporation) reports. The ORF obtained an internal draft in which…
Hosting Provider Exposed 63 Million Customer Records
A hosting provider exposed over 63 million customer records via an open elastic search database containing verbose logs with plain-text username/password credentials for numerous WordPress, Magento and other sites, securethoughts reports. The database appeared to belong to the Texas-based cloud application hosting provider, Cloud Clusters…
FBI : Cyber-Criminals Target Misconfigured SonarQube Instances to Access Proprietary Source Code of US Government Agencies and Businesses
Since April 2020, unidentified cyber actors have actively targeted vulnerable SonarQube instances to access source code repositories of US government agencies and private businesses, the FBI said in an alert sent out last month and made public this week on its website. The actors exploit known configuration…
Cyber-Criminal is Selling 34 Million User Records Stolen From 17 Companies
A hacker is selling account databases containing an aggregate total of 34 million user records that they claim were stolen from seventeen companies during data breaches, according to Bleepingcomputer. On October 28th, a data breach broker created a new topic on a hacker forum to…
What Is Spyware? And How To Remove It
Spyware is unwanted software that infiltrates your computing device, stealing your internet usage data and sensitive information. Spyware is classified as a type of malware — malicious software designed to gain access to or damage your computer, often without your knowledge. Spyware gathers your personal…
How To Stop Online Sexual Harassment And Protect Yourself
Online or cyber sexual harassment encompasses a range of unwanted, unwelcome, or unauthorized behaviors, sexual in nature, that are addressed to or shared about an individual through digital communication channels. Discrimination based on sex or gender is also sexual harassment. Intentional and unintentional sexual harassment can…
Social Media Safety Tips For Women For A Safer Digital Life
According to a study by the Pew Research Center, most online abuse takes place on social media. Although men are also subject to online harassment – which includes name-calling, derision, and physical threats – the study found that online, women are more than twice as…
5 Things To Do If Your Email Account Is Hacked
Cybercriminals usually hacked your email account to access your personal data. We link everything from online banking to federal taxes with our emails, recovery from a hack is extremely time-sensitive. You’ll have to act fast and carefully if you want to minimize the damage to…
5 Risks Of Using Free VPN Services
Recently, 7 Virtual Private Network (VPN) providers who claim not to keep any logs of their users’ online activities recently left 1.2 terabytes of private user data exposed to anyone who comes looking. The data, found on a server shared by the services, included the Personally…
Vulnerability Exposes Over 4 Million Sites Using WPBakery | Update IMMEDIATELY!
Wordfence’s Threat Intelligence team discovered a vulnerability in WPBakery, a WordPress plugin installed on over 4.3 million sites. This flaw made it possible for authenticated attackers with contributor-level or above permissions to inject malicious JavaScript in posts. Wordfence’s Threat Intelligence has reached out to the plugin’s…
Stay connected