Your next Game of Thrones download can be a malware – Here’s why

By Uzair Amir Game of Thrones the most Exploited Series by Hackers and Scammers in 2018- Research reveals. Cybercriminals never miss out on an opportunity to exploit any potentially fruitful event and now that the final season of Game of Thrones is about to be released, they are trying to use it...

Tesla autopilot feature hacked to risk oncoming traffic

By Waqas Tesla's High-End Vehicle’s Lane Recognition System not Free from Technical Glitches- Keen Labs Claims in New Research. Cybersecurity firm Keen Labs published a research paper PDF on Saturday in which it described the three hacks that the company detected that can be used to manipulate...

Is Flawless Anonymity Possible?

By David Balaban The condition of being anonymous is called anonymity - Let’s suppose you want to post the most anonymous comment on a social network imaginable. What kind of tools do you need for that? VPN? Tor? SSH tunnel? In fact, none of the above. It suffices to purchase a burner SIM card an...

Toyota data breach: Hackers steal 3.1 million customers’ data

By Waqas Toyota suffers third consecutive data breach within a few weeks. World famous Japanese automobile maker Toyota has become the target of a third data breach only within two months’ time. In the latest data breach, it is reported that the company lost data of 3.1 million customers...

Inside job: Bithumb crypto exchange hacked again; loses $20 million

By Waqas This is the third time that Bithumb has been hacked to steal millions in cryptocurrency. Crypto industry is being hammered by cybercriminals with full frequency lately. There are reports of a new attack against South Korean bitcoin exchange called Bithumb due to which the exchange got...

Hackers using hacked WordPress & Joomla sites to drop malware

By Waqas Apparently, the malware attack is carried out by Russian speaking hackers. The IT security researchers at Zscaler have discovered a sophisticated malware campaign targeting websites based on WordPress and Joomla content management system CMS. The campaign works in such a way that hackers...

Family locator app leaked real-time location data of 238,000 individuals

By Waqas We normally consider family locator app as a blessing because we are able to track our family members conveniently through them. But, what if your private data collected or shared on such an app gets misused by cybercriminals because the app fails to secure it properly? It would instantl...

New Gustuff Android malware targets cryptocurrency & messaging apps

By Waqas Gustuff Android malware from Russia with love. Group-IB, a cybersecurity firm, has discovered a new breed of Trojan horse malware called Gustuff, which specifically targets Android phones to steal banking credentials and digital assets of users. The malware targets customers of...

Microsoft seizes 99 websites used by Iranian hackers for phishing attacks

By Uzair Amir Microsoft has announced that it has seized some key websites that Iranian hackers used for stealing sensitive information from unsuspecting users in the US as well as launching cyber attacks. Reportedly, 99 websites have been seized by Microsoft of an Iranian hacker group that is...

Privacy in 2019: 6 Basic Steps to Keep Yourself Protected

By John Mason 2019 has barely started, and indications show that this year could very well be one of the worst for Internet users as far as privacy and data security is concerned. As HackRead has reported, below are some of the biggest privacy breaches already exposed this year: Security...

ShadowHammer: ASUS software updates exploited to distribute malware

By Waqas The victims of ShadowHammer malware attack are Windows users. Kaspersky Lab researchers have made a startling new revelation that the world’s leading computer maker ASUS’s live software update system was compromised by cybercriminals to install a backdoor, which affected ASUS customers...

Firefox, Edge, Safari, Tesla & VMware pwned at Pwn2Own

By Waqas Pwn2Own 2019 has yet again proved that a secure system is nothing else but a myth. In its two days running, the contest has claimed many high-profile victims including the likes of Tesla, Firefox, and Safari. Pwn2Own is an annual hacking contest held in Vancouver alongside the CanSecWest...

FEMA leaks sensitive details of 2.3 million disaster survivors

By Carolina The Department of Homeland Security’s Office of the Inspector General has released a report revealing that FEMA Federal Emergency Management Agency couldn’t protect the private and confidential information of about 2.3 million hurricane survivors. In 2017, residents of Harvey, Maria,...

PewDiePie ransomware forcing users to subscribe him on YouTube

By Waqas T-Series - PewDiePie Battle Takes an Ugly Turn- PewDiePie Fans Launching PewDiePie ransomware to Get Followers. The battle between T-Series and PewDiePie for the top slot on YouTube is getting more fierce and dramatic day by day. Where T-Series fans are supporting the Indian music compan...

Medtronic defibrillators vulnerable to life threatening cyber attacks

By Waqas Defibrillators are electronic devices manufactured to save the lives of people with life-threatening heart conditions such as Hypertrophic Cardiomyopathy HCM. But now, according to the Department of Homeland Security DHS, Medtronic defibrillators are vulnerable to cyber attacks allowing...

Facebook stored 600m user passwords in plain text exposed to 20k employees

By Uzair Amir The company says it discovered the issue in January and there is no need to change passwords. The social media giant Facebook has revealed that its internal data storage systems saved user passwords in plain text that could be accessed by employees. The social media said an ongoing...

Panic after hackers take control of emergency tornado alarms in Texas

By Waqas On March 12th, at around 2:30 a.m., residents of two Texas towns panicked after hearing tornado alarm that went off until 4:00 a.m. They were disturbed because the alarms repeatedly went on and off for about one and a half hours, thanks to hackers - Finally, related authorities were able...

Flaw in NSA’s GHIDRA leads to remote code execution attacks

By Waqas GHIDRA is NSA's reverse engineering tool released earlier this month. Earlier this month, Hackread.com posted about the National Security Agency’s NSA publicly releasing its decompiler and disassembler tool GHIDRA and make it open-source software. Now, it has been revealed that the gener...

Israeli fintech firms hit by Cardinal RAT malware

By Waqas The IT security researchers at Palo Alto Networks' Unit 42 have discovered a malware that has been targeting Israeli cyberspace especially those dealing with technology and financial sector. Dubbed Cardinal RAT remote access Trojan by researchers; the malware is currently targeting two...

MySpace loses 12 years worth of photos, songs & video files

By Waqas MySpace says it happened during a server migration project. Last time the once prominent social network website MySpace made headlines in 2016 after it suffered a massive data breach in which personal data of 427 million users including emails and passwords was stolen and leaked online...

Counter-Strike 1.6 game client 0-day exploited to spread Belonard trojan

By Waqas Dr. Web’s cybersecurity researchers have identified an attacker is trying to exploit zero-day vulnerabilities in Counter-Strike 1.6 game specifically to distribute Belonard Trojan. Reportedly, about 39% of all the active servers of the game on Steam have been manipulated and compromised ...

Hackers are using 19-year-old WinRAR bug to install nasty malware

By Waqas By using the bug, hackers are desperately dropping persistent malware through generic trojan on systems using the old version of WinRar. McAfee security firm’s researcher Craig Schmugar has identified that the world famous and commonly used compression software WinRar is plagued with cod...

SimBad malware on Play Store infected millions of Android devices

By Waqas Most of the applications infected by SimBad malware are simulator games. The IT security researchers at Check Point have discovered a sophisticated malware campaign that has been targeting Android users through Google Play Store on a global level and so far more than 150 million users ha...

Pakistani Govt’s passport application tracking site hacked with Scanbox framework

By Waqas Hackers are after anyone seeking Pakistani passport while there is no response from the website's administrator. Researchers at information security firm Trustwave have made a startling new discovery about data breach on a Pakistani government website involving the Scanbox Framework. It ...

New Samsung Galaxy S10 review and features

By Uzair Amir The all new Samsung Galaxy S10 family has been released by Samsung on 8th March, 2019 and despite the high price & a lazy start, the Galaxy S10 has made a record in pre-orders for Samsung in the US. When the pre-orders for Samsung Galaxy S10 family began, there were rumors and...

Facebook and Instagram are down around the world

By Carolina Facebook says it's aware of the situation and trying to fix the issue. Another day, another service outage at social media giant Facebook and its subsidiary company Instagram. Yes, Facebook and Instagram have been hit by a worldwide service outage forcing both platforms to go offline...

“BreedReady” database of 1.8m Chinese women surfaced online

By Waqas Another day, another data breach; this time, Victor Gevers, a Dutch security researcher from GDI Foundation has discovered a publically exposed database containing a massive trove of highly sensitive data of millions of Chinese women. According to Gevers, the database which is open for...

More than Half of Android apps ask for dangerous permissions. Is yours among?

By John Mason It wasn’t very long ago that I revealed that most free VPN services are provided as a front for the big corporations running them to collect user that. Spurred by the findings of that study, I decided to dig deeper to see how much of a threat, especially when it comes to user data,...

Verifications.io breach: Database with 2 billion records leaked

By Waqas Verifications.io breach is one of the largest data breaches but the good news is that it does not involve passwords. Another day, another data breach; this time the email validation service Verifications.io has leaked a humongous database containing personal and sensitive records of more...

Applicants data of 3 elite US colleges hacked for ransom

By Ryan De Souza Recently it was reported that Chinese hackers are aiming to target around 26 leading research academies to steal research about maritime technology, the majority of which happen to be based in the USA. In the same week, three mainstream private colleges have claimed that their...

Hackers steal 6TB of data from enterprise software developer Citrix

By Waqas Enterprise software developer Citrix becomes a victim of state-sponsored hack attack after hackers steal the company's secrets. One of the most popular enterprise software and networking and remote access technology provider firm Citrix affirmed that its internal network was compromised ...

Vulnerable smart alarms allowed hackers to track & turn off car engine

By Waqas By gaining access to the vehicles, hackers can not only locate them but also open their doors and even turn off the engine while the owner is driving. Two popular car alarm companies are facing problems with their products. Viper and Pandora are famous for their alarms that cost thousand...

New backdoor malware hits Slack and Github platforms

By Waqas The cybersecurity researchers at Trend Micro have discovered A new malware strain tapped into GitHub posts and Slack channels. Dubbed Slub by researchers; the malware works by exploiting a VBScript engine vulnerability that is classified as CVE-2018-8174 patched by Microsoft last year. B...

The Pirate Bay spreading malware PirateMatryoshka via reputed seeders

By Waqas Cybercriminals often use torrent services to distribute malicious code since users who look for illegal content usually disable their privacy and security settings on the web as well as ignore system notifications. Resultantly, they fall prey to adware and malware campaigns hosted by...

Saudi caller ID app Dalil leaked data of over 5 Million users

By Uzair Amir Thanks to yet another unsecure MongoDB Server. Dalil is a Saudi caller ID app that is reportedly been leaking user data because of storing it on an unsecure MongoDB server. Within a week private data of over 5 million Dalil users has been leaked and the data is available online easi...

Download NSA’s reverse engineering tool GHIDRA

By Waqas Recently we informed that the National Security Agency's NSA plans to release GHIDRA, the famous reverse engineering tool in March. As per latest reports, the NSA has released GHIDRA and the open-source world can now use it easily. This is quite unlike the other cybersecurity tools so fa...

WordPress security: Steps to assess an employee before granting admin access to WordPress

By Waqas Are you planning to hand over admin access of your WordPress site to someone else? You certainly need to take some steps to ensure the security of your WordPress website. Since your WordPress site is your creation and you have put in a lot of hard work and efforts to make it what it is …...

PlayStation serial number leads Feds to bust a massive drug ring

By Waqas This could easily be termed one of the largest Fentanyl related busts in the US but this time thanks to PlayStation serial number. The federal agents captured a large heroin ring in Novi, Michigan after raiding a condominium and discovering Fentanyl in large quantity. The quantity was so...

Dark web hacker selling admin access to a Chinese railway company

By Waqas The IT security researchers at Sixgill's threat intelligence team have identified an "experienced threat actor" on the dark web selling access to the admin panel of a Chinese rail control system. This access would enable criminals to manipulate train control systems, affecting over one...

The Pirate Bay’s preferred cryptominer Coinhive shutting down next week

By Waqas The Pirate Bay was caught twice secretly mining Monero cryptocurrency using Javascript powered by Coinhive. Popular in-browser crypto-mining service will be shutting down from March 9th, 2019 much to the dismay of hackers who loved it quite ardently. The reason behind this decision,...

19-year-old ethical hacker is a millionaire now; thanks to his skills

By Carolina Argentina’s Santiago Lopez is now a millionaire due to his prowess on identifying flaws in online services as well as software. The ethical hacker who uses the moniker @trytohack became part of HackerOne’s bug bounty program in 2015 and so far he has reported more than 1,670 unique...

Dow Jones’ screening watchlist data exposed online

By Waqas A database hosted on Amazon Web Services AWS and owned by Dow Jones has accidentally been exposed putting approx. 2.4 million corporate entities and individuals at risk of data theft. Reportedly, the exposed database comprises sensitive information about terrorists, criminals, and shady...

iPhone hacking tool Cellebrite being sold on eBay

By Waqas Cellebrite UFED, an iPhone hacking tool made in Israel and widely used by the law enforcement authorities including the Federal Bureau of Investigation, Customs Enforcement and Immigration departments is surprisingly up for sale on eBay. This tool is mainly used for hacking or breaking...

Cellular networks flaws expose 4G & 5G devices to IMSI capturing attacks

By Waqas A team of researchers has disclosed their findings at the NDSS Network and Distributed System Security symposium 2019 held in San Diego, revealing that cellular networks have certain vulnerabilities that can potentially affect not only 4G but 5G LTE protocols to IMSI capturing attacks. T...

6 Pieces of Tech Every Office Needs

By Carolina Before you start buying any technology or furniture for your office, you must put in some planning and research time. There are so many options to consider and each one will have a direct impact on the functionality of your workspace and, as result, how productive you and your team ar...

Check your VPN DNS test tool legitimacy: Is it “good” or deceptive

By Zehra Ali Does your VPN leaks DNS data? Does the DNS testing tool you're using shows real results or shows sponsored results for affiliate marketing? Virtual private network VPN users are increasing at a great pace due to growing privacy concerns and numerous VPN options, including both, the...

Android banking malware distributed with fake Google reCAPTCHA

By Waqas Sucuri’s cybersecurity researchers have identified a highly sophisticated phishing campaign that is specifically targeting online banking users. The attack, for now, has been directed against a Polish bank in which attackers are exploiting Google reCAPTCHA systems as well as...

Taking Care of Your Personal Online Security (For Paranoids)

By David Balaban We live in a world where anonymity and online privacy are impossible things. Your phone calls can be tapped, smartphone data can be stolen, and even the camera and microphone can be turned on remotely. You can be watched from the satellite, in real time. We all live in the matrix...

Understanding VPN through open systems interconnection model

By David Balaban VPN is a wonderful thing that you all have probably heard about. I assume it was something like this: “Using a VPN you can visit websites blocked by state services and engage in any network activity without fear of revealing your actual IP address.” If you thought that Virtual...

Major Android ad fraud scam campaign drains battery & eats data

By Waqas Presence of infected games and apps that are costing innocent users financial and data losses is not a new phenomenon. However, it is indeed surprising that a firm that promises to fight app piracy is itself involved in this horrendous act. According to the latest research from Oracle,...