QRLJacking: A new attack vector for hijacking online accounts
We all know that scanning random QR codes is a risky proposition, but a newly detailed social engineering attack vector dubbed QRLJacking adds another risk layer to their use. …
UAC bypass attack on Windows 10 allows malicious DLL loading
Security researchers Matt Graeber and Matt Nelson have discovered a way to run a malicious DLL on Windows 10 without the User Account Control (UAC) springing into action and …
BMW ConnectedDrive flaws could be misused to tamper with car settings
Security researcher Benjamin Kunz Mejri has found two vulnerabilities in the BMW ConnectedDrive web portal/web application. About the vulnerabilities in BMW ConnectedDrive The …
How attackers can hijack your Facebook account
Positive Technologies researchers have demonstrated that knowing a user’s phone number and how to exploit a vulnerability in the SS7 network is enough to hijack that …
For PoC exploits, go on Twitter
Proof-of-Concept exploits are increasingly being shared and discussed online, threat intelligence firm Recorded Future has discovered. Between March 22, 2015 and the present …
Featured news
Resources
Don't miss
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests
- Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
- Hackers pose as employers to steal crypto, login credentials
- Unknown and unsecured: The risks of poor asset visibility