The most recent iteration of the Child’s Play franchise features the murderous doll Chucky as a rogue IoT device gone mad. The new film’s trailer features Chucky connected to the “Buddi” platform which allows users to control all of their connected home devices including various electronics, toys, and anything else that can be forged into…
Cisco latest round of security updates addresses 29 vulnerabilities in multiple Cisco products that could allow a remote attacker to take control of an affected system and one of which is being actively exploited in Sea Turtle campaign. Admins in charge of Cisco ASR 9000 Series Aggregation Services Routers have been instructed to urgently address…
Researchers have spotted a new family of ransomware dubbed NamPoHyu virus or MegaLocker virus targeting remote Samba servers. While ransomware infections are typically installed on the computer that will be encrypted other malware, malicious email attachments, or by the attackers hacking a computer or network. This new variant searches for accessible Samba servers, brute forcing…
A vulnerability in the Electronic Arts (EA) online gaming platform Origin could allow an attacker to trick unsuspecting gamers into remotely running malicious code on their computer. Security researchers Daley Bee and Dominik Penner of Underdog Security discovered the bug affecting tens of millions of Windows users with the Origin app installed, according to TechCrunch.…
A phishing scam is circulating Instagram claiming that users have made “The Nasty List” with the goal of stealing account credentials. The scam is spread via messages sent through hacked accounts claiming the recipients were spotted on the so called NastyList stating something like “OMG your actually on here, @TheNastyList_34, your number is 15! its…
Independent security researcher Armin Sebastian discovered a vulnerability in Adblock Plus which can allow hackers to read a victim’s Gmail and look into other Google services. Adblock Plus is the world’s most popular free advertisement blocker with millions of users and extensions that run in all the major web browsers including Chrome, Edge, Firefox, Opera…
Security researchers identified a remote code execution on windows vulnerability in Apache Tomcat. The vulnerability is rated “Important” and was identified by an external security researcher and reported to the Apache Tomcat security team via the bug bounty program, according to an April 10 blog post. The vulnerability leaves the CGI Servlet at risk due…
Threat actors are using accounts with admin privileges to install BitPaymer ransomware via PsExec suggesting threat actors are taking a more targeted approach to their distribution of malware. Similar to the Arizona Beverage ransomware attack earlier this month, a manufacturing company also appears to have been targeted in an attack in which the company’s name…
Facebook admitted a supply chain data leak in its new Oculus headsets resulted in the devices shipping out with secret messages reading “Big Brother Is Watching You,” “The Masons Were Here,” “This Space for Rent,” and “Hi iFixit! We See You!.” The messages were physically printed inside tens of thousands of new Oculus motion controllers…
A new ransomware dubbed CryptoPokemon encrypts user files and demands approximately $104 worth of Bitcoin to decrypt the files. CryptoPokemon encrypts files using SHA256 + AES128 and comes with a note containing an email address and website to contact the threat actors who describe themselves as “valiant support [who] will help you solve this problem.”…
