Experts caught Baidu Android apps for collecting user data

Baidu collecting user data

The apps Baidu Maps and Baidu Search Box, downloaded more than 6,000,000 times, were convicted of collecting user data and were removed from the Google Play Store last month. Palo Alto Networks specialists discovered problems in the applications and released a detailed report on their findings this week. According to …

Read More »

Cybercriminals are hijacking GoDaddy’s cryptocurrency domains

Cybercriminals hijacking GoDaddy’s domains

Well-known cybersecurity journalist Brian Krebs reported that cybercriminals are hijacking GoDaddy’s cryptocurrency domains. GoDaddy employees have been victims of social engineering attacks, and as a result, hackers have transferred control over the domains of several cryptocurrency projects. According to Krebs, the attacks began in mid-November this year. Employees of the …

Read More »

Firefox bug allowed stealing cookies from Android devices

Bug in Firefox for Android devices

Independent information security expert Pedro Oliveira spoke about the CVE-2020-15647 bug, which he discovered in the spring of this year in Firefox for Android devices. Using a specially crafted HTML file, it was possible to steal cookies from the victim’s device. The vulnerability is linked with the way how Firefox …

Read More »

Zoom will warn users about possible troll attacks

Zoom will warn about troll

Since April this year, Zoom has been protecting all conferences with a mandatory six-digit numeric password, and the developers have introduced this protection measure because of the so-called Zoom-Bombing. Now, in addition, Zoom will warn users about possible troll attacks. The fact is that before the implementation of this protective …

Read More »

GitHub restored youtube-dl library after EFF intervention

GitHub restored youtube-dl library

Today, after a series of the biggest scandals, in which got involved the IT community, GitHub has restored the library of the youtube-dl open source project. Let me remind you that this story began last month, when copyright holders from the Recording Industry Association of America (RIAA) insisted on the …

Read More »

Cobalt Strike source codes published online

Cobalt Strike source codes

Bleeping Computer reports that the source codes for Cobalt Strike has been found in the public domain on GitHub. Hackers , from government APT groups to ransomware operators, for a long time loved this legitimate commercial tool, built for pentesters and red teams, and focused on exploitation and post-exploitation. Although …

Read More »