“Alexa, are you spying on me?” — aaaa…..mmmm…..hmmm…..maybe!!!
Security researchers have developed a new malicious ‘skill’ for Amazon’s popular voice assistant Alexa that can turn your Amazon Echo into a full-fledged spying device.
Amazon Echo is an always-listening voice-activated smart home speaker that allows you to get things done by using your voice, like playing music, setting alarms, and answering questions.Read More
Only a few hours after the Drupal team releases latest updates to fix a new remote code execution flaw in its content management system software, hackers have already started exploiting the vulnerability in the wild.
Announced yesterday, the newly discovered vulnerability (CVE-2018-7602) affects Drupal 7 and 8 core and allows remote attackers to achieve exactly same what previously discovered Drupalgeddon2 (CVE-2018-7600) flaw allowed—complete take over of affected websites.Read More
If you often leave your valuable and expensive stuff like laptop and passports in the hotel rooms, then beware. Your room can be unlocked by not only a malicious staff having access to the master key, but also by an outsider.
A critical design vulnerability in a popular and widely used electronic lock system can be exploited to unlock every locked room in a facility, leaving millions of hotel rooms around the world vulnerable to hackers.Read More
Damn! You have to update your Drupal websites.
Yes, of course once again—literally it’s the third time in last 30 days.
As notified in advance two days back, Drupal has now released new versions of its software to patch yet another critical remote code execution (RCE) vulnerability, affecting its Drupal 7 and 8 core.Read More
In a major hit against international cybercriminals, the Dutch police have taken down the world’s biggest DDoS-for-hire service that helped cyber criminals launch over 4 million attacks and arrested its administrators.
An operation led by the UK’s National Crime Agency (NCA) and the Dutch Police, dubbed “Power Off,” with the support of Europol and a dozen other law enforcement agencies, resulted in the arrest of 6 members of the group behind the “webstresser.org” website in Scotland, Croatia, Canada and Serbia on Tuesday.
With over 136,000 regiRead More
Security researchers have discovered three vulnerabilities in the Spring Development Framework, one of which is a critical remote code execution flaw that could allow remote attackers to execute arbitrary code against applications built with it.
Spring Framework is a popular, lightweight and an open source framework for developing Java-based enterprise applications.Read More
One of the biggest and most popular multi-antivirus scanning engine service has today launched a new Android sandbox service, dubbed VirusTotal Droidy, to help security researchers detect malicious apps based on behavioral analysis.
VirusTotal, owned by Google, is a free online service that allows anyone to upload files to check them for viruses against dozens of antivirus engines simultaneously.Read More
Facebook dropped another bombshell on its users by admitting that all of its 2.2 billion users should assume malicious third-party scrapers have compromised their public profile information.
On Wednesday, Facebook CEO Mark Zuckerberg revealed that “malicious actors” took advantage of “Search” tools on its platform to discover the identities and collect information on most of its 2 billion users worldwide.Read More