Ax Sharma
Author Bio
Ax Sharma is an Indian-origin British security researcher and journalist focused on malware analyses and cybercrime investigations. His areas of expertise include open source software security, threat intel analysis, and reverse engineering. Frequently featured by leading media outlets like the BBC, Channel 5, Fortune, WIRED, among others, Ax is an active community member of the OWASP Foundation and the British Association of Journalists (BAJ).
Send any tips via email or Twitter DM.
-
Spammers add random text to shortened links to evade detection
Spammers are using a new technique of adding random, unused text bits to shortened links to evade detection by humans and spam filters.
- October 01, 2020
- 09:01 AM
-
0
-
Natwest and Malwarebytes team up to provide free virus protection
Customers of National Westminster (NatWest) Bank are now eligible to receive a free copy of Malwarebytes Premium subscription for up to 10 devices.
- September 29, 2020
- 04:55 PM
-
1
-
Louis Vuitton fixes data leak and account takeover vulnerability
French fashion and luxury merchandise company Louis Vuitton has quietly patched a security vulnerability on its website that allowed for user account enumeration and even allowed account takeover via password resets.
- September 25, 2020
- 03:51 PM
-
1
-
Shopify data breach illustrates the danger of insider threats
A recent data breach at Shopify that affected almost 200 merchants has been attributed to insiders.
- September 23, 2020
- 11:13 AM
-
0
-
Russian hackers use fake NATO training docs to breach govt networks
Russian cyber espionage group known by names, Fancy Bear and APT28 has been behind a targeted attack campaign aimed at government bodies. The group delivers a hard-to-detect strand of Zebrocy Delphi malware under the pretense of providing NATO training materials.
- September 22, 2020
- 10:15 AM
-
0
-
Strava app shows your info to nearby users unless this setting is disabled
Popular running and cycling app Strava exposes information on nearby strangers which has sparked privacy concerns among its users. Some fear this functionality can be abused for stalking and "predatory" motives.
- September 21, 2020
- 12:07 PM
-
0
-
Google App Engine feature abused to create unlimited phishing pages
A newly discovered technique by a researcher shows how can Google's App Engine domains be abused to deliver phishing and malware all while remaining undetected by leading enterprise security products.
- September 20, 2020
- 10:50 AM
-
0
-
Tutanota encrypted email service suffers DDoS cyberattacks
Encrypted email service, Tutanota has experienced a series of DDoS attacks this week, first targeting the Tutanota website and further its DNS providers.
- September 19, 2020
- 12:31 PM
-
0
-
US 2020 Presidential apps riddled with tracking and security flaws
Vote Joe app is the official app designed for engaging voters as a part of the Biden 2020 Presidential campaign. The app's API was found to be leaking data on a voter's political affiliations as predicted by Target Smart .
- September 17, 2020
- 10:12 AM
-
1
-
University Hospital New Jersey hit by SunCrypt ransomware, data leaked
BleepingComputer can verify University Hospital New Jersey (UHNJ) has suffered from a massive data leak with over 48,000 documents floating on the dark web.
- September 16, 2020
- 01:39 PM
-
0
-
Samsung fixes critical Android flaws with September updates
Samsung has rolled out September 2020 Android updates today on their Galaxy devices. These patch serious vulnerabilities along with enhancing the overall device functionality.
- September 09, 2020
- 11:35 AM
-
0
-
CNN-News18 allegedly hacked to deny PayTM hack claims
A hacking group claims to have breached India's CNN-News18 news site to use it to refute claims that they hacked PayTM Mall earlier this week, BleepingComputer has learned.In their quest to refute claims that they had hacked PayTM.
- September 03, 2020
- 12:26 PM
-
0
-
Attackers abuse Google DNS over HTTPS to download malware
More details have emerged on a malware sample that uses Google DNS over HTTPS to retrieve the stage 2 malicious payload.
- September 02, 2020
- 09:00 AM
-
3
-
Over 400 GOV.UK domains found on spam blacklists
Hundreds of domains managed by the U.K. government are on DNS-based blacklists creating email communication problems.
- September 01, 2020
- 07:30 AM
-
1
-
Slack pays stingy $1,750 reward for a desktop hijack vulnerability
A researcher responsibly disclosed multiple vulnerabilities to Slack that allowed an attacker to hijack a user's computer, and they were only rewarded a measly $1,750.
- August 30, 2020
- 11:31 AM
-
0
1
