sites

  • Blog

    Can Wi-Fi owners see what sites I visit on my phone?

    Can wifi owner see what sites I visit? Quick answer? Yes. Whether you’re using your phone on home wifi, public wifi, or at work, your online activity could be tracked. Even if you use incognito mode, the wifi owner (network administrator) could access router logs to monitor the domain names you visit. Network metadata includes all connected devices, which apps…

    Read More »
  • Blog

    Fake Zenmap. WinMRT sites target IT staff with Bumblebee malware

    The Bumblebee malware SEO poisoning campaign uncovered earlier this week aimpersonating RVTools is using more typosquatting domainsi mimicking other popular open-source projects to infect devices used by IT staff. BleepingComputer was able to find two cases leveraging the notoriety of Zenmap, the GUI for the Nmap network scanning tool, and the WinMTR tracerout utility. Both of these tools are commonly used by IT staff…

    Read More »
  • Blog

    Are online survey sites safe? Here’s what to look out for

    Some online survey sites are safe, but plenty rely on bait tactics or shady data collection. Others just aren’t well-run, with slow point systems, payout delays, or constant disqualifications. Before signing up, it’s worth learning the risks so you don’t waste time or leak private info. This guide breaks down the most common warning signs, what safe platforms actually look…

    Read More »
  • Blog

    ASUS DriverHub flaw let malicious sites run commands with admin rights

    The ASUS DriverHub driver management utility was vulnerable to a critical remote code execution flaw that allowed malicious sites to execute commands on devices with the software installed. The flaw was discovered by an independent cybersecurity researcher from New Zealand named Paul (aka “MrBruh“), who found that the software had poor validation of commands sent to the DriverHub background service.…

    Read More »
  • Blog

    Hijacked Microsoft Stream classic domain “spams” SharePoint sites

    The legacy domain for Microsoft Stream was hijacked to show a fake Amazon site promoting a Thailand casino, causing all SharePoint sites with old embedded videos to display it as spam. Microsoft Stream is an enterprise video streaming service that allows organizations to upload and share videos in Microsoft 365 apps, such as Teams and SharePoint. Video content hosted on…

    Read More »
  • Blog

    Malware campaign ‘DollyWay’ breached 20,000 WordPress sites

    A malware operation dubbed ‘DollyWay’ has been underway since 2016, compromising over 20,000 WordPress sites globally to redirect users to malicious sites. The campaign has evolved significantly in the past eight years, leveraging advanced evasion, re-infection, and monetization strategies. According to GoDaddy researcher Denis Sinegubko, DollyWay has been functioning as a large-scale scam redirection system in its latest version (v3). However, in…

    Read More »
  • Blog

    YouTube will soon restrict creators from mentioning certain online gambling sites

    YouTube is tightening its policies on gambling content. The platform has announced that it will soon prohibit creators from verbally referring to gambling services not approved by Google, as well as displaying their logos and linking to them in videos. The new rules, which go into effect on March 19th, may also put age restrictions on videos about online gambling.…

    Read More »
  • Blog

    The Best Sites to Find Affordable Dupes

    We may earn a commission from links on this page. We’ve all been there: You find the perfect product, the chair or skin cream that will solve all your problems through the liberal application of capitalism—but it doesn’t fit into your budget. You have three choices: You can spend the next few months (years?) saving diligently toward the glorious day…

    Read More »
  • Blog

    Hundreds of fake Reddit sites push Lumma Stealer malware

    Hackers are distributing close to 1,000 web pages mimicking Reddit and the WeTransfer file sharing service that lead to downloading the Lumma Stealer malware. On the fake pages, the threat actor is abusing the Reddit brand by showing a fake discussion thread on a specific topic. The thread creator asks for help to download a specific tool, another user offers to help…

    Read More »
  • Blog

    W3 Total Cache plugin flaw exposes 1 million WordPress sites to attacks

    A severe flaw in the W3 Total Cache plugin installed on more than one million WordPress sites could give attackers access to various information, including metadata on cloud-based apps. The W3 Total Cache plugin uses multiple caching techniques to optimize a website’s speed, reduce load times, and generally improve its SEO ranking. The flaw is tracked as CVE-2024-12365 despite the developer releasing…

    Read More »
Back to top button
close