SecureBug allows you to evaluate your offensive and defensive skills, in addition, to let you exchange your ideas and methodologies with thousands of people in the security field.
Join Nordic's No.1 Crowdsourced Security Platform For Offensive & Defensive Security Strategies.
The FTCode ransomware has been upgraded to steal saved user credentials from browsers and email services. Its targets are Internet Explorer, Mozilla Firefox, Mozilla Thunderbird, Google Chrome, and Microsoft Outlook. FTCode is believed to be the handiwork of Russian threat groups. Sophos first discovered the malware in 2013, and it reappeared in October 2019 as…
Japanese company Mitsubishi Electric disclosed a security breach that might have caused the leak of personal and confidential corporate information. Mitsubishi Electric Corp announced that it had been the target of a series of cyberattacks that has led to information regarding Government agencies and other business partners being compromised. The security breach was discovered after…
Video game maker Ubisoft has filed a lawsuit against a website that allegedly sells subscriptions to a server that distributes denial-of-service (DDoS) attacks on Rainbow Six. The company claims they are “well aware of the harm” the service has caused for the company. Ubisoft is seeking to shut down the website and claim damages and…
Attacks on Citrix servers have intensified this week. Multiple threat actors have now joined in and are launching attacks in the hopes of compromising a high-value target, such as a corporate network, government server, or public institution. One of the threat actors is patching them and installing their own backdoor to lock out other attackers.…
Security researchers from Sophos have discovered a new set of “fleeceware” apps that have been downloaded and installed by more than 600 million times on 100 million devices. The cybersecurity firm first invented the term fleeceware last September after it discovered a new type of financial fraud taking place on the Google Play Store. Fleeceware…
Microsoft published a security advisory warning of an Internet Explorer (IE) zero-day vulnerability. The vulnerability, tracked as CVE-2020-0674 and rated moderated, is currently being exploited in the wild. The company described these as “limited targeted attacks” suggesting the zero-day was not broadly exploited, but rather that it was part of attacks aimed at a small…
A Facebook bug temporarily allowed anyone to see the admin behind Facebook Pages. Facebook doesn’t reveal the page admin accounts unless the Page owner decides to make the admins public, but the bug allowed anyone to reveal the accounts running a Page. The bug was exploited in attacks in the wild against several high-profile pages.…
Two WordPress plugins, InfiniteWP Client And WP Time Capsule, contain critical security vulnerabilities that allow adversaries to access a site’s backend with no password. The vulnerability is due to a logical mistake and has opened up an estimated 320,000 websites to exploit. InfiniteWP allows users to manage an unlimited number of WordPress sites from their servers. And WP…
Risk management is the process of identifying, assessing, responding, and implementing the activities. This process controls how the organization manages the potential effects of risks. It is a continuous and ever-increasing complex process and has a prominent rank throughout the security life-cycle. All organizations prepare a risk management plan, but the types of risks are…
Researchers have found a new ransomware family that is being used to target and encrypt all of the devices on business networks. The SNAKE is a new ransomware that is threatening enterprises worldwide together with the most popular ransomware families such as Ryuk, Maze, Sodinokibi, LockerGoga, BitPaymer, DoppelPaymer, MegaCortex, LockerGoga. The SNAKE ransomware is the…