Summary

Total Articles Found: 115

Top Articles:

  • Garmin allegedly paid for a decryptor for WastedLocker ransomware
  • Russian military plans to replace Windows with Astra Linux
  • UScellular data breach: attackers ported customer phone numbers
  • Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack
  • LastPass: hackers breached the computer of a DevOps engineer in a second attack
  • Critical RCE affects older Diebold Nixdorf ATMs
  • Heap-based buffer overflow in Linux Sudo allows local users to gain root privileges
  • Leaked confidential report states United Nations has been hacked
  • All versions of Apache Tomcat are affected by the Ghostcat flaw
  • From iPhone to NT AUTHORITY\SYSTEM – exploit ‘Printconfig’ dll with a real-world example

Polyfill.io Supply Chain Attack: 384,773 hosts still embedding a polyfill JS script linking to the malicious domain

🤖: "JS attack detected"

Cybersecurity company Censys has identified over 380,000 hosts that are still referencing the malicious polyfill.io domain. Censys reported that over 380,000 internet-exposed hosts are still referencing the malicious polyfill.io domain. The polyfill.io domain was suspended last week following multiple reports of malicious activity. The domain Polyfill.io was used to host JavaScript code that added modern […]

Hackers leak 170k Taylor Swift’s ERAS Tour Barcodes

🤖: "Taylor's code cracked"

The threat actor Sp1d3rHunters leaked valid Taylor Swift’s ERAS Tour barcodes threatening to leak more data and blackmailing Ticketmaster. A threat actor that goes online with the moniker Sp1d3rHunters leaked 170,000 valid barcodes for Taylor Swift’s ERAS Tour for free. The bar codes are valid for the upcoming concerts of Taylor Swift in Miami, […]

Participants earned more than $1.3M at the Pwn2Own Automotive competition

Bug bounty hunters earned more than $1.3 million for hacking Teslas, infotainment systems, and electric vehicle chargers at the Pwn2Own Automotive competition. The Zero Day Initiative’s Pwn2Own Automotive competition has ended, participants demonstrated 49 zero-day vulnerabilities affecting automotive products earning a total of $1,323,750. The amazing Synacktiv team won the competition and earned a total […]

Multiple flaws in pfSense firewall can lead to arbitrary code execution

Security flaws in Netgate pfSense firewall solution can potentially lead to arbitrary code execution on vulnerable devices. pfSense is a popular open-source firewall solution maintained by Netgate, researchers discovered multiple security issues affecting it. Researchers from SonarCloud discovered several security issues, Cross-Site Scripting (XSS) vulnerabilities and a Command Injection vulnerability in pfSense CE (CVE-2023-42325, CVE-2023-42327, CVE-2023-42326). The […]

Bypassing major EDRs using Pool Party process injection techniques

Researchers devised a novel attack vector for process injection, dubbed Pool Party, that evades EDR solutions. Researchers from cybersecurity firm SafeBreach devised a set of process injection techniques, dubbed Pool Party, that allows bypassing EDR solutions. They presented the technique at Black Hat Europe 2023. The experts relied on the less-explored Windows thread pools to discover […]

Google fixed critical zero-click RCE in Android

Google fixed a critical zero-click RCE vulnerability (CVE-2023-40088) with the release of the December 2023 Android security updates. Google December 2023 Android security updates addressed 85 vulnerabilities, including a critical zero-click remote code execution (RCE) flaw tracked as CVE-2023-40088. The vulnerability resides in Android’s System component, it doesn’t require additional privileges to be triggered. An […]

JumpCloud revealed it was hit by a sophisticated attack by a nation-state actor

Software firm JumpCloud announced it was the victim of a sophisticated cyber attack carried out by a nation-state actor. JumpCloud is a cloud-based directory service platform designed to manage user identities, devices, and applications in a seamless and secure manner. It allows IT administrators to centralize and simplify their identity and access management tasks across […] The post JumpCloud revealed it was hit by a sophisticated attack by a nation-state actor appeared first on Security Affairs.

Researchers found DoS flaws in popular BGP implementation

Vulnerabilities in a software implementation of the Border Gateway Protocol (BGP) that could be weaponized to trigger a DoS condition on BGP peers. Forescout Vedere Labs researchers discovered multiple vulnerabilities in the software implementation of the Border Gateway Protocol (BGP). The issues reside in the BGP message parsing in version 8.4 of FRRouting implementation, a […]

CISA adds Plex Media Server bug, exploited in LastPass attack, to Known Exploited Vulnerabilities Catalog

US CISA added remote code execution vulnerability in Plex Media Server to its Known Exploited Vulnerabilities Catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a remote code execution (RCE) vulnerability in the Plex Media Server, tracked as CVE-2020-5741 (CVSS score: 7.2), to its Known Exploited Vulnerabilities Catalog. The three-year-old high-severity flaw is a deserialization of […]

LastPass: hackers breached the computer of a DevOps engineer in a second attack

Threat actors hacked the home computer of a DevOps engineer, they installed a keylogger as part of a sophisticated cyber attack. Password management software firm LastPass disclosed a “second attack,” a threat actor used data stolen from the August security breach and combined it with information available from a third-party data breach. Then the attackers […]

Google Chrome 109 update addresses six security vulnerabilities

Google addressed six security vulnerabilities in its web browser Chrome, none of them actively exploited in the wild. Google released Chrome version 109.0.5414.119 for Mac and Linux and 109.0.5414.119/.120 for Windows to address a total of six vulnerabilities. Four of the addressed flaws were reported by external researchers that were awarded for more than $26,500 for their […]

TikTok parent company ByteDance revealed the use of TikTok data to track journalists

ByteDance admitted that its employees accessed TikTok data to track journalists to identify the source of leaks to the media. TikTok parent company ByteDance revealed that several employees accessed the TikTok data of two journalists to investigate leaks of company information to the media. According to an email from ByteDance’s general counsel Erich Andersen which […]

PyTorch compromised to demonstrate dependency confusion attack on Python environments

Threat actors compromised the PyTorch Machine Learning Framework by adding a malicious dependency. The maintainers of the PyTorch package warn of a supply chain attack. Users who have installed PyTorch-nightly on Linux via pip between December 25, 2022 and December 30, 2022, should uninstall it and use the latest binaries. “If you installed PyTorch-nightly on […]

Samba addressed multiple high-severity vulnerabilities

Samba released updates to address multiple vulnerabilities that can be exploited to take control of impacted systems. Samba released updates to address multiple vulnerabilities, tracked as CVE-2022-38023, CVE-2022-37966, CVE-2022-37967, and CVE-2022-45141, that can be exploited to take control of impacted systems. On December 15, 2022, Samba announced the 4.17.4, 4.16.8 and 4.15.13 security releases to address […]

Experts found a vulnerability in AWS AppSync

Amazon Web Services (AWS) fixed a cross-tenant vulnerability that could have allowed attackers to gain unauthorized access to resources. Amazon Web Services (AWS) has addressed a cross-tenant confused deputy problem in its platform that could have allowed threat actors to gain unauthorized access to resources. The problem was reported to the company by researchers from […]

Experts warn of CVE-2022-42889 Text4Shell exploit attempts

Wordfence researchers warn of exploitation attempts targeting the recently disclosed flaw in Apache Commons Text dubbed Text4Shell. Experts at WordPress security firm Wordfence reported exploitation attempts targeting the recently disclosed flaw in Apache Commons Text dubbed Text4Shell. GitHub’s threat analyst Alvaro Munoz this week disclosed a remote code execution vulnerability, tracked as CVE-2022-42889 (CVSS score 9.8), in the open-source Apache Commons […]

Google fixes a new actively exploited Chrome zero-day, it is the seventh one this year

Google Thursday released an emergency patch for Chrome 107 to address the actively exploited zero-day vulnerability CVE-2022-3723. Google released an emergency update for the Chrome 107 to address an actively exploited zero-day vulnerability tracked as CVE-2022-3723. The CVE-2022-3723 flaw is a type confusion issue that resides in the Chrome V8 Javascript engine. The flaw has been reported […]

OnionPoison: malicious Tor Browser installer served through a popular Chinese YouTube channel

OnionPoison: researchers reported that an infected Tor Browser installer has been distributed through a popular YouTube channel. Kaspersky researchers discovered that a trojanized version of a Windows installer for the Tor Browser has been distributed through a popular Chinese-language YouTube channel. The campaign, named OnionPoison, targeted users located in China, where the Tor Browser website […]

Reflected XSS bugs in Canon Medical’s Vitrea View could expose patient info

Trustwave researchers discovered two XSS flaws in Canon Medical’s Vitrea View tool that could expose patient information. During a penetration test, Trustwave Spiderlabs’ researchers discovered two reflected cross-site scripting (XSS) vulnerabilities, collectively tracked as CVE-2022-37461, in third-party software for Canon Medical’s Vitrea View. The Vitrea View tool allows viewing and securely sharing medical images through […]

Experts uncovered novel Malware persistence within VMware ESXi Hypervisors

Researchers from Mandiant have discovered a novel malware persistence technique within VMware ESXi Hypervisors. Mandiant detailed a novel technique used by malware authors to achieve administrative access within VMware ESXi Hypervisors and take over vCenter servers and virtual machines for Windows and Linux to perform the following actions: Send commands to the hypervisor that will […]

Attackers impersonate CircleCI platform to compromise GitHub accounts

Threat actors target GitHub users to steal credentials and two-factor authentication (2FA) codes by impersonating the CircleCI DevOps platform. GitHub is warning of an ongoing phishing campaign targeting its users to steal credentials and two-factor authentication (2FA) codes by impersonating the CircleCI DevOps platform. The company learned of the attacks against its users on September […]

Experts warn of critical flaws in Flexlan devices that provide WiFi on airplanes

Researchers discovered two critical vulnerabilities (CVE-2022-36158 and CVE-2022-36159) in Flexlan devices that provide WiFi on airplanes. Researchers from Necrum Security Labs discovered a couple of critical vulnerabilities, tracked as CVE-2022-36158 and CVE-2022-36159, impacting the Contec Flexlan FXA3000 and FXA2000 series LAN devices. The FXA3000 and FXA2000 Series are access points that are manufactured by Japan-based firm Contec […]

Google rolled out emergency fixes to address actively exploited Chrome zero-day

Published: 2022-09-03 15:37:55

Popularity: 45

Author: Pierluigi Paganini

Keywords:

  • Breaking News
  • Hacking
  • Security
  • Chrome
  • CVE-2022-3075
  • hacking news
  • information security news
  • Pierluigi Paganini
  • Security Affairs
  • Security News
  • zero-Day

Google rolled out emergency fixes to address a vulnerability in the Chrome web browser that is being actively exploited in the wild. Google on Friday released emergency fixes to address a vulnerability, tracked as CVE-2022-3075, in the Chrome web browser that is being actively exploited in the wild. The CVE-2022-3075 flaw is caused by insufficient data […]

Crooks stole $375k from Premint NFT, it is one of the biggest NFT hacks ever

Published: 2022-07-17 19:24:43

Popularity: 15

Author: Pierluigi Paganini

Keywords:

  • Breaking News
  • Cyber Crime
  • Digital ID
  • Hacking
  • hacking news
  • information security news
  • IT Information Security
  • NFT
  • Pierluigi Paganini
  • Security News

Threat actors hacked the popular NFT platform, Premint NFT and stole 314 NFTs. The popular NFT platform, Premint NFT, was hacked, the threat actors compromised its official website and stole 314 NFTs. According to the experts from blockchain security firm CertiK, this is one of the biggest NFT hacks on record. The analysis of the […]

Former CIA employee Joshua Schulte was convicted of Vault 7 massive leak

Former CIA programmer, Joshua Schulte, was convicted in a US federal court of the massive 2017 leak to WikiLeaks. The former CIA programmer Joshua Schulte (33) was found guilty in New York federal court of stealing the agency’s hacking tools and leaking them to WikiLeaks in 2017. The huge trove of data, […]

New Checkmate ransomware target QNAP NAS devices

Taiwanese vendor QNAP warns of a new strain of ransomware, dubbed Checkmate, that is targeting its NAS devices. The Taiwanese vendor QNAP is warning of a new family of ransomware targeting its NAS devices using weak passwords. Threat actors are targeting devices exposed online with the SMB service enabled, they perform brute-force attacks against accounts […]

China-linked APT Bronze Starlight deploys ransomware as a smokescreen

China-linked APT Bronze Starlight is deploying post-intrusion ransomware families as a diversionary action to its cyber espionage operations. Researchers from Secureworks reported that a China-linked APT group, tracked as Bronze Starlight (APT10), is deploying post-intrusion ransomware families to cover up the cyber espionage operations. The experts observed an activity cluster involving post-intrusion ransomware such as […]

Google TAG argues that Italian surveillance firm RCS Labs was helped by ISPs to infect mobile users

Google’s Threat Analysis Group (TAG) revealed that the Italian spyware vendor RCS Labs was supported by ISPs to spy on users. Researchers from Google’s Threat Analysis Group (TAG) revealed that the Italian surveillance firm RCS Labs was helped by some Internet service providers (ISPs) in Italy and Kazakhstan to infect Android and iOS users with […]

Using WiFi connection probe requests to track users

Researchers at the University of Hamburg demonstrated that WiFi connection probe requests expose users to tracking. A group of academics at the University of Hamburg (Germany) demonstrated that it is possible to use WiFi connection probe requests to identify and track devices and thereby their users. Mobile devices transmit probe requests to receive information about […]

PACMAN, a new attack technique against Apple M1 CPUs

PACMAN is a new attack technique demonstrated against Apple M1 processor chipsets that could be used to hack macOS systems. PACMAN is a novel hardware attack technique that can allow attackers to bypass Pointer Authentication (PAC) on the Apple M1 CPU. The pointer authentication codes (PACs) make it possible to detect and guard against unexpected changes to pointers in memory. […]

Threat actors target the infoSec community with fake PoC exploits

Researchers uncovered a malware campaign targeting the infoSec community with fake Proof Of Concept to deliver a Cobalt Strike beacon. Researchers from threat intelligence firm Cyble uncovered a malware campaign targeting the infoSec community. The experts discovered a post where a researcher was sharing a fake Proof of Concept (POC) exploit code for an RPC Runtime Library […]

Apple fixes the sixth zero-day since the beginning of 2022

Apple released security updates to address a zero-day bug actively exploited in attacks against Macs and Apple Watch devices. Apple has addressed a zero-day vulnerability, tracked as CVE-2022-22675, actively exploited in attacks aimed at Macs and Apple Watch devices. The flaw is an out-of-bounds write issue that resides in the AppleAVD, it can lead to […]

Google addresses actively exploited Android flaw in the kernel

Google released the May security bulletin for Android, 2022-05-05 security patch level, which fixed an actively exploited Linux kernel flaw. Google has released the second part of the May Security Bulletin for Android, which includes a fix for an actively exploited Linux kernel vulnerability tracked as CVE-2021-22600. The CVE-2021-22600 is a privilege escalation issue that […]

A DNS flaw impacts a library used by millions of IoT devices

A vulnerability in the domain name system (DNS) component of the uClibc library impacts millions of IoT products. Nozomi Networks warns of a vulnerability, tracked as CVE-2022-05-02, in the domain name system (DNS) component of the uClibc library which is used by a large number of IoT products. The flaw also affects DNS implementation of all versions of the uClibc-ng […]

FFDroider, a new information-stealing malware disguised as Telegram app

Cybersecurity researchers spotted a new Windows information-stealing malware, named FFDroider, designed to steal credentials and cookies. Cybersecurity researchers from Zscaler ThreatLabz warn of a new information-stealing malware, named FFDroider, that disguises itself as the popular instant messaging app Telegram. The malware was derived to siphon credentials and cookies from infected machines. “Recently, ThreatLabz identified a novel windows […]

Lapsus$ extortion gang leaked the source code for some Microsoft projects

The Lapsus$ extortion group claims to have hacked Microsoft’s internal Azure DevOps server and leaked the source code for some projects. Microsoft recently announced that it is investigating claims that the Lapsus$ cybercrime gang breached their internal Azure DevOps source code repositories and stole data. On Sunday, the Lapsus$ gang announced that it had compromised Microsoft’s Azure DevOps […]

HP addressed 16 UEFI firmware flaws impacting laptops, desktops, PoS systems

Published: 2022-03-09 11:40:50

Popularity: 4

Author: Pierluigi Paganini

Keywords:

  • Breaking News
  • Hacking
  • Firmware
  • hacking news
  • information security news
  • IT Information Security
  • Pierluigi Paganini
  • Security Affairs
  • Security News
  • UEFI

Researchers disclosed 16 high-severity flaws in different implementations of Unified Extensible Firmware Interface (UEFI) firmware impacting multiple HP enterprise devices. Researchers from cybersecurity firm Binarly discovered 16 high-severity vulnerabilities in various implementations of Unified Extensible Firmware Interface (UEFI) firmware impacting multiple HP enterprise devices. An attacker can exploit these vulnerabilities to implant a firmware that survives […]

Popular open-source PJSIP library is affected by critical flaws

Published: 2022-03-02 22:41:45

Popularity: 18

Author: Pierluigi Paganini

Keywords:

  • Breaking News
  • Hacking
  • Security
  • hacking news
  • information security news
  • IT Information Security
  • Pierluigi Paganini
  • PJSIP
  • Security Affairs
  • Security News

Researchers from JFrog’s Security Research team discovered five vulnerabilities in the PJSIP open-source multimedia communication library. Researchers from JFrog’s Security Research team discovered five vulnerabilities in the popular PJSIP open-source multimedia communication library. PJSIP is a communication library written in C language implementing standard-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. It […]

Iran-linked TunnelVision APT is actively exploiting the Log4j vulnerability

Iran-linked TunnelVision APT group is actively exploiting the Log4j vulnerability to deploy ransomware on unpatched VMware Horizon servers. Researchers from SentinelOne have observed the potentially destructive Iran-linked APT group TunnelVision is actively exploiting the Log4j vulnerability to deploy ransomware on unpatched VMware Horizon servers. TunnelVision’s TTPs overlap with the ones associated with Iran-linked nation-state actors Phosphorus, Charming Kitten […]

Critical RCE flaws in PHP Everywhere WordPress plugin affect thousands of sites

WordPress plugin PHP Everywhere is affected by three critical issues that can be exploited to execute arbitrary code on affected systems. Wordfence experts found three critical remote code execution vulnerabilities in the PHP Everywhere WordPress plugin, all the issues have received a CVSS score of 9.9. The plugin that allows WordPress admins to insert PHP code […]

Hundreds of thousands of routers exposed to Eternal Silence campaign via UPnP

A hacking campaign, tracked as Eternal Silence, is abusing UPnP to compromise routers and use them to carry out malicious activities. Researchers from Akamai have spotted a malicious campaign, tracked as ‘Eternal Silence,’ that is abusing Universal Plug and Play (UPnP) to turn routers into a proxy server used to carry out a broad range […]

Google Project Zero discloses details of two Zoom zero-day flaws

Google Project Zero experts disclosed details of two zero-day flaws impacting Zoom clients and Multimedia Router (MMR) servers. Google Project Zero researcher Natalie Silvanovich disclosed details of two zero-day vulnerabilities in Zoom clients and Multimedia Router (MMR) servers. An attacker could have exploited the now-fixed issues to crash the service, execute malicious code, and even leak the content […]

VMware fixed CVE-2021-22045 heap-overflow in Workstation, Fusion and ESXi

VMware addressed a heap-overflow issue (CVE-2021-22045) in Workstation, Fusion and ESXi products that can lead to code execution on the hypervisor. VMware released security updates to address a heap-overflow vulnerability, tracked as CVE-2021-22045, in its Workstation, Fusion and ESXi products. VMware has addressed the vulnerability with the release of ESXi670-202111101-SG, ESXi650-202110101-SG, Workstation 16.2.0, and Fusion […]

SEGA Europe left AWS S3 bucket unsecured exposing data and infrastructure to attack

SEGA Europe inadvertently left users’ personal information publicly accessible on an Amazon Web Services (AWS) S3 bucket. At the end of the year, gaming giant SEGA Europe inadvertently left users’ personal information publicly accessible on an Amazon Web Services (AWS) S3 bucket, cybersecurity firm VPN […]

Y2k22 bug in Microsoft Exchange causes failure in email delivery

Y2k22 bug is causing Microsoft Exchange on-premise servers to fail in delivering email starting on January 1st, 2022. Microsoft Exchange on-premise servers cannot deliver emails starting on January 1st, 2022, due to a bug in the FIP-FS anti-malware scanning engine dubbed Y2k22 bug. FIP-FS is the anti-malware scanning engine used by Microsoft to protect its […]

Multiple flaws in Netgear Nighthawk R6700v3 router are still unpatched

Researchers discovered multiple high-risk vulnerabilities affecting the latest firmware version for the Netgear Nighthawk R6700v3 router. Researchers from Tenable have discovered multiple vulnerabilities in the latest firmware version (version 1.0.4.120) of the popular Netgear Nighthawk R6700v3 WiFi router. An attacker can trigger the vulnerabilities to take full control of the vulnerable devices. Below is the […]

Apache releases the third patch to address a new Log4j flaw

Published: 2021-12-18 15:20:12

Popularity: 34

Author: Pierluigi Paganini

Keywords:

  • Breaking News
  • Hacking
  • hacking news
  • information security news
  • IT Information Security
  • Log4j
  • Pierluigi Paganini
  • Security Affairs
  • Security News

Multiple flaws in the Log4J library are scaring organizations worldwide while threat actors are already exploiting them. 2.17 is the third fix issued in a week. While the experts were warning that threat actors are actively attempting to exploit a second vulnerability, tracked as CVE-2021-45046, disclosed in the Log4j library, a third security vulnerability made the headlines. […]

Western Digital customers have to update their My Cloud devices to latest firmware version

My Cloud OS firmware is reaching the end of support, Western Digital customers have to update their WD My Cloud devices to the latest version. Western Digital is urging customers to update their WD My Cloud devices to the latest firmware version to continue receiving security updates on My Cloud OS firmware that is reaching […]

Exclusive: Resecurity discovered 0-day vulnerability in TP-Link Wi-Fi 6 devices

Published: 2021-11-26 14:39:52

Popularity: None

Author: Pierluigi Paganini

Keywords:

  • Breaking News
  • Hacking
  • Security
  • hacking news
  • Hacking Team
  • information security news
  • IT Information Security
  • Security Affairs
  • Security News
  • TP-Link
  • zero-Day

Resecurity researchers found a zero-day vulnerability in the TP-Link enterprise device with model number TL-XVR1800L. Resecurity, a Los Angeles-based cybersecurity company, has identified an active zero-day vulnerability in the TP-Link device with model number TL-XVR1800L (Enterprise AX1800 Dual Band Gigabit Wi-Fi 6 Wireless VPN Router), which is primarily suited to enterprises. The identified vulnerability […]

Experts found 14 new flaws in BusyBox, millions of devices at risk

Published: 2021-11-10 11:28:49

Popularity: 38

Author: Pierluigi Paganini

Keywords:

  • Breaking News
  • Hacking
  • hacking news
  • information security news
  • IT Information Security
  • LINUX
  • Security Affairs
  • Security News

Researchers have identified a total of 14 new vulnerabilities in BusyBox that expose millions of Unix-based devices to cyberattacks. Researchers from software development company JFrog and industrial cybersecurity firm Claroty have identified a total of 14 new critical vulnerabilities in BusyBox. The software is used by many network appliances and embedded devices with limited memory […]

    Boffins devise a new side-channel attack affecting all AMD CPUs

    A group of researchers from the Graz University of Technology and CISPA Helmholtz Center for Information Security devised a new side-channel attack that affects AMD CPUs. Researchers Moritz Lipp and Daniel Gruss of the Graz University of Technology and Michael Schwarz of the CISPA Helmholtz Center for Information Security devised a new side-channel attack that […]

    Operation GhostShell: MalKamak APT targets aerospace and telco firms

    Operation GhostShell: Threat actors used ShellClient malware in cyberespionage campaigns aimed at companies in the aerospace and telecommunications sectors. Hackers use stealthy ShellClient malware on aerospace, telco firms. Cybereason Nocturnus and Incident Response Teams discovered a new threat actor that is targeting organizations in the aerospace and telecommunications sectors with the ShellClient malware as part […]

    Zoho warns of zero-day authentication bypass flaw actively exploited

    Zoho urges customers to address an authentication bypass vulnerability in its ManageEngine ADSelfService Plus that is actively exploited in the wild. Zoho has released a security patch to address an authentication bypass vulnerability, tracked as CVE-2021-40539, in its ManageEngine ADSelfService Plus. The company also warns the vulnerability is already exploited in attacks in the wild. […]

    Three formers NSA employees fined for providing hacker-for-hire services to UAE firm

    Three former NSA employees entered into a deferred prosecution agreement that restricts their future activities and employment and requires the payment of a penalty. Three former NSA employees (Marc Baier, 49, Ryan Adams, 34, and Daniel Gericke, 40) entered into a deferred prosecution agreement that restricts their future activities and employment. The trio has worked as hackers-for-hire […]

    Telegram is becoming the paradise of cyber criminals

    Telegram is becoming an essential platform for cybercriminal activities, crooks use it to buy and sell any kind of stolen data and hacking tools. Many experts believe that the popular Telegram app is an efficient alternative to dark web marketplaces, its channels are used by hacking communities and cybercriminals to buy and sell stolen data, accesses […]

    WhatsApp CVE-2020-1910 bug could have led to user data exposure

    The now-fixed CVE-2020-1910 vulnerability in WhatsApp’s image filter feature could have exposed user data to remote attackers. A high-severity security vulnerability in WhatsApp’s image filter feature, tracked as CVE-2020-1910, could have been exploited by attackers to read sensitive information from the app’s memory by simply sending a specially crafted image over the messaging app […]

    CVE-2021-3711 in OpenSSL can allow to change an application’s behavior

    The OpenSSL Project patched a high-severity vulnerability, tracked as CVE-2021-3711, that can allow an attacker to change an application’s behavior or cause the app to crash. The OpenSSL Project released the OpenSSL 1.1.1l version that addresses a high-severity buffer overflow flaw, tracked as CVE-2021-3711, that could allow an attacker to change an application’s behavior or […]

    Adobe fixes critical flaws in Magento, patch it immediately

    Adobe security updates for August 2021 have addressed critical vulnerabilities in Magento and important bugs in Adobe Connect. Adobe security updates for August 2021 address a total of 29 flaws, including critical vulnerabilities in Magento and important issues in Adobe Connect: APSB21-64 Security updates available for Magento; APSB21-66 Security update available for Adobe Connect. Multiple critical vulnerabilities could be […]

    VMware addresses critical flaws in its products

    Published: 2021-08-06 10:29:04

    Popularity: None

    Author: Pierluigi Paganini

    Keywords:

  • Breaking News
  • Security
  • Hacking
  • hacking news
  • information security news
  • IT Information Security
  • Pierluigi Paganini
  • Security Affairs
  • Security News

    VMware has addressed a critical vulnerability that affects multiple products that could be exploited to gain access to confidential information. VMware has released security updates to address multiple flaws in its products, including a critical issue that could allow an attacker to access confidential information. A couple of vulnerabilities, tracked as CVE-2021-22002 and CVE-2021-22003, impact Workspace […]

    Approximatively 1,500 businesses impacted by the ransomware attack that hit Kaseya

    Kaseya confirmed that the REvil supply-chain ransomware attack hit fewer than 60 of its customers and their customers. Software provider Kaseya announced that fewer than 60 of its customers and less than 1,500 businesses have been impacted by the recent supply-chain ransomware attack. Up to 1,500 downstream organizations, which were customers of MSPs using Kaseya VSA management […]

    Experts bypassed Microsoft’s emergency patch for the PrintNightmare

    Published: 2021-07-08 07:34:54

    Popularity: 11

    Author: Pierluigi Paganini

    Keywords:

  • Breaking News
  • Hacking
  • Cybersecurity
  • hacking news
  • information security news
  • Microsoft
  • Pierluigi Paganini
  • PrintNightmare
  • Security Affairs
  • Security News

    The emergency patch for the PrintNightmare vulnerability released by Microsoft is incomplete and still allows RCE. Yesterday, Microsoft released an out-of-band KB5004945 security update to address the PrintNightmare vulnerability; unfortunately, the patch is incomplete and still allows remote code execution. Researchers have demonstrated that it is possible to bypass the emergency patch to achieve remote code execution […]

    SonicWall addresses critical CVE-2021-20026 flaw in NSM devices

    Positive Technologies experts provide details about the potential impact of a recently fixed command injection flaw in SonicWall NSM devices. Positive Technologies researcher Nikita Abramov has provided details about the CVE-2021-20026 command injection vulnerability that affects SonicWall’s Network Security Manager (NSM) product. At the end of May, SonicWall urged its customers to ‘immediately’ address a post-authentication vulnerability, tracked […]

    Hacker leaks info of pro-Trump GETTR members online

    A hacker claims to have breached pro-Trump GETTR and leaked the private information of almost 90,000 members on a hacking forum. GETTR is a new pro-Trump social media platform created by Jason Miller, a former Trump advisor; the Twitter-like platform suffered a data breach. The security breach comes a few hours after its […]

    Experts found an RCE vulnerability in QNAP Q’center

    Researchers at cybersecurity firm Shielder discovered a remote code execution on QNAP Q’center through a manipulated QPKG installation package. Researchers at cybersecurity firm Shielder discovered a remote code execution flaw on QNAP Q’center through a manipulated QPKG installation package. The vulnerability was discovered by the cyber security expert zi0Black from Shielder. Q’center now provides Q’center Virtual […]

    CVE-2021-3560 flaw in polkit auth system service affects most of Linux distros

    An authentication bypass flaw in the polkit auth system service used on most Linux distros can allow an attacker to get a root shell. An authentication bypass vulnerability in the polkit auth system service, tracked as CVE-2021-3560, which is used on most Linux distros, can allow an unprivileged attacker to get a root shell. “A flaw was found […]

    Siloscape, first known malware that drops a backdoor into Kubernetes clusters

    Siloscape is a new strain of malware that targets Windows Server containers to execute code on the underlying node and spread in the Kubernetes cluster. Researchers from Palo Alto Networks have spotted a piece of malware that targets Windows Server containers to execute code on the underlying node and then drop a backdoor into Kubernetes […]

    Flaws in Realtek RTL8170C Wi-Fi module allow hijacking wireless communications

    Researchers found multiple flaws in the Realtek RTL8170C Wi-Fi module that could be exploited to elevate privileges and hijack wireless communications. Researchers from Israeli IoT security firm Vdoo found multiple vulnerabilities in the Realtek RTL8170C Wi-Fi module that could allow to elevate privileges and hijack wireless communications. The Realtek RTL8710C module is based on a […]

    Hacking the infotainment system used in Mercedes-Benz cars

    Security researchers identified five vulnerabilities in the infotainment system in Mercedes-Benz cars, four of them are remotely exploitable. Security researchers with Tencent Security Keen Lab identified five vulnerabilities, tracked as CVE-2021-23906, CVE-2021-23907, CVE-2021-23908, CVE-2021-23909, and CVE-2021-23910, in the latest infotainment system in Mercedes-Benz cars. The experts focused their analysis on the Mercedes-Benz User Experience (MBUX) […]

    Google addresses 4 zero-day flaws in Android exploited in the wild

    Google released Android Security Bulletin for May 2021 security updates that address four zero-day vulnerabilities that were exploited in the wild. Android Security Bulletin for May 2021 security updates address four zero-day vulnerabilities, tracked as CVE-2021-1905, CVE-2021-1906, CVE-2021-28663 and CVE-2021-28664, that were actively exploited in the wild. The four vulnerabilities impact Qualcomm GPU and Arm […]

    Anker fixed an issue that caused access to Eufy video camera feeds to random users

    A misconfiguration issue in the software used by the Eufy video camera exposed private information and video streams of customers. Chinese electronics vendor Anker has recently addressed a bug that mistakenly exposed private information and video streams of customers using its Eufy video cameras. The issue was caused by a misconfiguration, but the vendor told […]

    Google discovered a new variant of Rowhammer attack dubbed Half-Double

    Google experts discovered a new variant of Rowhammer attack against RAM memory cards that bypasses all current defenses. Google researchers discovered a new variant of Rowhammer attacks, dubbed “Half-Double,” that allows bypassing all current defenses. In 2015, security researchers at Google’s Project Zero team demonstrated how to hijack the Intel-compatible PCs running Linux by exploiting the physical […]

    TsuNAME flaw exposes DNS servers to DDoS attacks

    A flaw in some DNS resolvers, tracked as TsuNAME, can allow attackers to launch DDoS attacks against authoritative DNS servers. Researchers at SIDN Labs (the R&D team of the registry for .nl domains), InternetNZ (the registry for .nz domains), and the Information Science Institute at the University of Southern California have discovered a vulnerability, named […]

    Attackers are abusing GitHub infrastructure to mine cryptocurrency

    🤖: "Cryptocurrency mining fail"

    The popular code repository hosting service GitHub is investigating a crypto-mining campaign abusing its infrastructure. Code repository hosting service GitHub launched an investigation into a series of attacks aimed at abusing its infrastructure to illicitly mine cryptocurrency. This kind of attack has been reported since at least the end of 2020, when some software developers reported the malicious activity […]

    Experts found two flaws in Facebook for WordPress Plugin

    A critical flaw in the official Facebook for WordPress plugin could be exploited for remote code execution attacks. Researchers at Wordfence have discovered two vulnerabilities in the Facebook for WordPress plugin, which has more than 500,000 active installations. The plugin allows administrators to capture the actions people take while interacting with their page, such […]

    Adobe addresses a critical vulnerability in ColdFusion product

    Adobe has released security updates to address a critical vulnerability in the ColdFusion product (versions 2021, 2016, and 2018) that could lead to arbitrary code execution. Adobe has released security patches to address a critical vulnerability in Adobe ColdFusion that could be exploited by attackers to execute arbitrary code on vulnerable systems. The issue, tracked as CVE-2021-21087, is […]

    VMware addresses a critical RCE issue in vCenter Server

    VMware addressed a critical remote code execution flaw, tracked as CVE-2021-21972, in vCenter Server virtual infrastructure management platform. VMware has addressed a critical remote code execution (RCE) vulnerability in the vCenter Server virtual infrastructure management platform, tracked as CVE-2021-21972, that could be exploited by attackers to potentially take control of affected systems. vCenter Server is the centralized […]

    Experts found critical flaws in Realtek Wi-Fi Module

    Critical flaws in the Realtek RTL8195A Wi-Fi module could have been exploited to gain root access and take over devices’ wireless communications. Researchers from Israeli IoT security firm Vdoo found six vulnerabilities in the Realtek RTL8195A Wi-Fi module that could have been exploited to gain root access and take control of a device’s wireless communications. […]

    UScellular data breach: attackers ported customer phone numbers

    US wireless carrier UScellular discloses data breach, personal information of customers may have been exposed and their phone numbers ported. US wireless carrier UScellular discloses a data breach that exposed personal information of its customers. United States Cellular Corporation is the fourth-largest wireless carrier in the United States, with over 4.9 million customers in 426 […]

    Experts addressed flaws in Popup Builder WordPress plugin

    Multiple issues in WordPress ‘Popup Builder’ Plugin could be exploited by hackers to perform various malicious actions on affected websites. Developers behind the “Popup Builder – Responsive WordPress Pop up – Subscription & Newsletter” WordPress plugin have recently addressed multiple vulnerabilities that can be exploited to perform various malicious actions on affected websites. The plugin […]

    Heap-based buffer overflow in Linux Sudo allows local users to gain root privileges

    CVE-2021-3156 Sudo vulnerability has allowed any local user to gain root privileges on Unix-like operating systems without authentication. Sudo is one of the most important, powerful, and commonly used utilities that comes as a core command pre-installed on macOS and almost every UNIX or Linux-based operating system. sudo is a program for Unix-like computer operating systems that allows […]

    Security firm SonicWall was victim of a coordinated attack

    Published: 2021-01-23 10:05:28

    Popularity: None

    Author: Pierluigi Paganini

    Keywords:

  • Breaking News
  • Hacking
  • hacking news
  • information security news
  • IT Information Security
  • malware
  • Pierluigi Paganini
  • Security Affairs
  • Security News
  • SonicWall

    The Hacker News reported in an exclusive that the security firm SonicWall was hacked as a result of a coordinated attack on its internal systems. TheHackerNews revealed in an exclusive that the security provider SonicWall was hacked on Friday. The company was targeted with a coordinated attack on its internal systems; threat actors exploited zero-day vulnerabilities […]

    Two kids found a screensaver bypass in Linux Mint

    The development team behind the Linux Mint distro has fixed a security flaw that could have allowed users to bypass the OS screensaver. The maintainers of the Linux Mint project have addressed a security bug that could have allowed attackers to bypass the OS screensaver. The curious aspect of this vulnerability is related to its […]

    Thousands of WordPress WooCommerce stores potentially exposed to hack

    Hackers are attempting to exploit multiple vulnerabilities in the Discount Rules for WooCommerce WordPress plugin, which has 30,000+ installations. Researchers from security firm WebArx reported that hackers are actively attempting to exploit numerous flaws in the Discount Rules for WooCommerce WordPress plugin. The list of vulnerabilities includes SQL injection, authorization flaws, and unauthenticated stored cross-site scripting (XSS) security vulnerabilities. Discount […]

    PoC exploit code for two Apache Struts 2 flaws available online

    Security researchers have discovered a PoC exploit code available online that can be used to trigger unpatched security flaws in Apache Struts 2. Security researchers have discovered a PoC code and exploit available on GitHub that can be used to trigger the security vulnerabilities in Apache Struts 2. The Proof-of-concept exploit code was released […]

    Garmin allegedly paid for a decryptor for WastedLocker ransomware

    BleepingComputer researchers confirmed that Garmin has received the decryption key to recover their files encrypted with the WastedLocker Ransomware. BleepingComputer first revealed that Garmin has received the decryption key to recover the files encrypted with the WastedLocker Ransomware in the recent attack. On July 23, smartwatch and wearables maker Garmin shut down several of its services […]

    Expert discloses details of 3 Tor zero-day flaws … new ones to come

    A security researcher published the details about two Tor zero-day vulnerabilities and plans to release three more flaws. The security researcher Dr. Neal Krawetz has published technical details about two Tor zero-day vulnerabilities over the past week and promises to release three more. Oppressive regimes could exploit these Tor zero-day flaws to prevent users from […]

    Adobe fixed critical code execution flaws in Bridge, Photoshop and Prelude products

    This week, Adobe has addressed several critical code execution vulnerabilities in its Bridge, Photoshop and Prelude products. Adobe has released security updates to address several critical code execution vulnerabilities in its Bridge, Photoshop and Prelude products. “Adobe has published security bulletins for Adobe Bridge (APSB20-44), Adobe Photoshop (APSB20-45), Adobe Prelude (APSB20-46) and Adobe Reader Mobile […]

    Zoom is working on a patch for a zero-day in Windows client

    Published: 2020-07-09 23:11:06

    Popularity: None

    Author: Pierluigi Paganini

    Keywords:

  • Breaking News
  • Hacking
  • information security news
  • IT Information Security
  • malware
  • Pierluigi Paganini
  • RCE
  • Security Affairs
  • Security News
  • Zoom

    Researchers from cyber-security firm ACROS Security have disclosed a zero-day vulnerability in the Windows client of the popular Zoom video conferencing platform. Researchers from cyber-security firm ACROS Security have disclosed a zero-day vulnerability in the Windows client of the video conferencing software Zoom. The vulnerability is a remote code execution issue, which could allow the […]

    Cisco Talos discloses technicals details of Chrome, Firefox flaws

    Cisco’s Talos experts disclosed the details of recently patched vulnerabilities affecting the popular Chrome and Firefox web browsers. Researchers from Cisco Talos disclosed technical details of recently patched vulnerabilities affecting the popular Chrome and Firefox web browsers. The first issue, tracked as CVE-2020-6463, is a memory corruption vulnerability that affects PDFium, an open source PDF […]

    Flaws in mobile Internet protocol GTP allow hackers to target 5G users

    Security vulnerabilities in modern communication protocol GTP used by mobile network operators can be exploited by attackers to target 4G/5G users. Researchers at cybersecurity firm Positive Technologies Security have discovered several vulnerabilities in communication protocol GPRS Tunnelling Protocol (GTP), that is used by mobile network operators (MNOs). Threat actors could exploit these flaws to conduct several […]

    A high-severity flaw affects VMware Workstation, Fusion and vSphere products.

    VMware has addressed a high-severity information disclosure vulnerability affecting its Workstation, Fusion and vSphere virtualization products. VMware has addressed a high-severity information disclosure vulnerability, tracked as CVE-2020-3960, that affects its Workstation, Fusion and vSphere virtualization products. The CVE-2020-3960 flaw was discovered by Cfir Cohen, a researcher from Google’s cloud security team. ESXi, Workstation and Fusion […]

    Two issues in Zoom could have allowed code execution

    Published: 2020-06-03 23:10:57

    Popularity: 68

    Author: Pierluigi Paganini

    Keywords:

  • Breaking News
  • Hacking
  • hacking news
  • information security news
  • it security
  • it security affairs
  • it security news
  • Security News
  • Zoom

    Researchers from Cisco Talos disclosed two critical flaws in the Zoom software that could have allowed attackers to hack into the systems via chat. Zoom is one of the most popular video-conferencing software; every day it is used by millions of users, especially during the COVID outbreak. Cybersecurity researchers from Cisco Talos have disclosed two critical vulnerabilities […]

    New strain of Cerberus Android banking trojan can steal Google Authenticator codes

    Published: 2020-02-27 13:21:26

    Popularity: 74

    Author: Pierluigi Paganini

    Keywords:

  • Breaking News
  • Cyber Crime
  • Malware
  • Mobile
  • Android
  • Cerberus
  • it security
  • it security news
  • malware
  • Security Affairs
  • security affairs news
  • Security News
  • Trojan

    🤖: "Trojan alert"

    Experts found a new version of the Cerberus Android banking trojan that can steal one-time codes generated by the Google Authenticator app and bypass 2FA. Security researchers from ThreatFabric warn that a new Android malware strain can now steal one-time passcodes (OTP) generated through Google Authenticator that is used as part of 2FA to protect online […]

    All versions of Apache Tomcat are affected by the Ghostcat flaw

    Published: 2020-02-28 22:45:13

    Popularity: 109

    Author: Pierluigi Paganini

    Keywords:

  • Breaking News
  • Hacking
  • Apache Tomcat
  • Ghostcat
  • information security news
  • it security
  • it security news
  • Pierluigi Paganini
  • Security Affairs
  • Security News

    Ghostcat flaw affects all versions of Apache Tomcat and could be exploited by hackers to read configuration files or install backdoors on vulnerable servers. All versions of Apache Tomcat are affected by a vulnerability dubbed Ghostcat that could be exploited by attackers to read configuration files or install backdoors on vulnerable servers. The vulnerability, tracked as […]

    Microsoft announces the launch of a bug bounty program for Xbox

    Published: 2020-02-02 13:00:11

    Popularity: 38

    Author: Pierluigi Paganini

    Keywords:

  • Breaking News
  • Hacking
  • Security
  • Bug Bounty
  • hacking news
  • information security news
  • Pierluigi Paganini
  • Security Affairs
  • Security News
  • XBox

    Microsoft announced the launch of an Xbox bug bounty program with rewards of up to $20,000 for critical remote code execution flaws. Microsoft is going to launch an Xbox bug bounty program that will pay rewards of up to $20,000 for critical remote code execution vulnerabilities. “The Xbox Bounty Program invites gamers, security researchers, and […]

    Leaked confidential report states United Nations has been hacked

    A leaked confidential report from the United Nations revealed that dozens of servers belonging to the United Nations were “compromised” at offices in Geneva and Vienna. An internal confidential report from the United Nations that was leaked to The New Humanitarian revealed that dozens of servers of the organization were “compromised” at offices in Geneva and […]

    Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

    Published: 2020-01-25 13:21:43

    Popularity: 180

    Author: Pierluigi Paganini

    Keywords:

  • Breaking News
  • Hacking
  • APT
  • China
  • information security news
  • Mitsubishi Electric
  • Pierluigi Paganini
  • Security Affairs
  • Security News
  • Trend Micro AV

    Chinese hackers have exploited a zero-day vulnerability in the Trend Micro OfficeScan antivirus in the recently disclosed hack of Mitsubishi Electric. According to ZDNet, the hackers involved in the attack against Mitsubishi Electric have exploited a zero-day vulnerability in Trend Micro OfficeScan to infect company servers. This week, Mitsubishi Electric disclosed a security breach that might have […]

    Why Russian APT Fancy Bear hacked the Ukrainian energy firm Burisma?

    Published: 2020-01-14 16:52:13

    Popularity: 86

    Author: Pierluigi Paganini

    Keywords:

  • APT
  • Breaking News
  • Cyber warfare
  • Hacking
  • Intelligence
  • Burisma
  • Fancy Bear APT
  • hacking news
  • Russia
  • Security News

    Russia-linked cyber-espionage group hacked the Ukrainian energy company Burisma at the center of the impeachment trial of US President Donald Trump. The Russian cyberspies, operating under Russia’s GRU military intelligence agency (aka Fancy Bear) carried out a spear-phishing campaign in November aimed at accessing the email of Burisma Holdings employees. The attack was detailed by […]

    Mariah Carey ‘s Twitter Hacked on New Year’s Eve

    Published: 2020-01-01 17:34:31

    Popularity: 64

    Author: Pierluigi Paganini

    Keywords:

  • Breaking News
  • Hacking
  • Social Networks
  • Mariah Carey
  • Security Affairs
  • security affairs news
  • Security News
  • Another celebrity was the victim of the hackers, Mariah Carey ‘s Twitter account appears to have been hacked on New Year’s Eve. The Twitter account of Mariah Carey was hacked on New Year’s Eve, attackers posted a series of offensive, racist and lewd tweets. The messages also contained sexual insults against the about rapper Eminem. […] The post Mariah Carey ‘s Twitter Hacked on New Year’s Eve appeared first on Security Affairs.

    Watch out, sextortion scammers are using a new tactic

    Published: 2020-01-02 10:03:14

    Popularity: 69

    Author: Pierluigi Paganini

    Keywords:

  • Breaking News
  • Cyber Crime
  • Hacking
  • hacking news
  • information security news
  • Pierluigi Paganini
  • Security Affairs
  • Security News
  • sextortion

    Sextortion cybercrimes continue to threaten Internet users, scammers are using new tactics to bypass spam filters and secure email gateways. Sextortion scams continue to evolve to bypass security measures such as spam filters and secure email gateways. Sextortion messages threaten the victims of revealing their private videos while watching adult websites or making virtual sex […] The post Watch out, sextortion scammers are using a new tactic appeared first on Security Affairs.

    From iPhone to NT AUTHORITY\SYSTEM – exploit ‘Printconfig’ dll with a real-world example

    Published: 2019-12-15 19:37:56

    Popularity: 109

    Author: Pierluigi Paganini

    Keywords:

  • Breaking News
  • Hacking
  • hacking news
  • information security news
  • Pierluigi Paganini
  • Printconfig
  • Security Affairs
  • Security News

    From iPhone to NT AUTHORITY\SYSTEM – As promised in my previous post, I will show you how to exploit the “Printconfig” dll with a real world example. But what does Apple’s iPhone have to do with it?? Well, keep on reading… (sorry no) Some time ago, me and my “business partner” @padovah4ck, were looking for possible privileged […] The post From iPhone to NT AUTHORITY\SYSTEM – exploit ‘Printconfig’ dll with a real-world example appeared first on Security Affairs.

    Twitter account of Huawei Mobile Brazil hacked

    Published: 2019-12-01 12:46:46

    Popularity: 25

    Author: Pierluigi Paganini

    Keywords:

  • Breaking News
  • Hacking
  • hacking news
  • Huawei
  • information security news
  • Pierluigi Paganini
  • Security Affairs
  • Security News
  • Twitter

    The official Twitter account of Huawei Mobile Brazil has been hacked and attackers have sent offensive messages to the rival Apple. The official Twitter account of Huawei Mobile Brazil has been hacked, attackers have sent offensive messages to provoke the rival Apple. The hack took place on Black Friday in Brazil, but at the time […] The post Twitter account of Huawei Mobile Brazil hacked appeared first on Security Affairs.

    Tor Project is going to remove End-Of-Life relays from the network

    Published: 2019-10-10 11:14:28

    Popularity: 29

    Author: Pierluigi Paganini

    Keywords:

  • Breaking News
  • Deep Web
  • Security
  • Dark Web
  • information security news
  • Pierluigi Paganini
  • privacy
  • Security Affairs
  • Security News
  • Tor

    🤖: "Tor dropouts"

    Maintainers at the Tor Project have removed from its network more than 800 relay servers running outdated and EOL versions of the Tor software. Currently, the Tor network is composed of more than 6000 relays, some of them running outdated Tor software versions (in some cases back to the 0.2.4.x versions). Other relays are running […] The post Tor Project is going to remove End-Of-Life relays from the network appeared first on Security Affairs.

    XSS flaw would have allowed hackers access to Google’s network and impersonate its employees

    Published: 2019-06-16 05:19:53

    Popularity: 103

    Author: Pierluigi Paganini

    Keywords:

  • Breaking News
  • Hacking
  • Google
  • information security news
  • Pierluigi Paganini
  • Security Affairs
  • Security News
  • XSS

    🤖: "Whoa, no way!"

    Bug hunter Thomas Orlita discovered an XSS vulnerability in Google’s Invoice Submission Portal that would have allowed attackers access to Google’s internal network. The Czech researcher Thomas Orlita discovered an XSS vulnerability in Google’s Invoice Submission Portal that would have allowed attackers access to part of Google’s internal network. The Google Invoice Submission Portal is […] The post XSS flaw would have allowed hackers access to Google’s network and impersonate its employees appeared first on Security Affairs.

    Mozilla addressed flaws in Thunderbird that allow code execution

    Published: 2019-06-14 18:43:40

    Popularity: 88

    Author: Pierluigi Paganini

    Keywords:

  • Breaking News
  • Hacking
  • hacking news
  • information security news
  • Pierluigi Paganini
  • Security Affairs
  • Security News

    Mozilla released security updates for the Thunderbird email client that address vulnerabilities that could allow code execution on impacted systems. Mozilla released security updates for the Thunderbird email client that address vulnerabilities that could be exploited by attackers to execute arbitrary code on impacted systems. Mozilla released Thunderbird version 60.7.1 that addresses three High severity […] The post Mozilla addressed flaws in Thunderbird that allow code execution appeared first on Security Affairs.

    Critical RCE affects older Diebold Nixdorf ATMs

    Published: 2019-06-09 09:28:08

    Popularity: 125

    Author: Pierluigi Paganini

    Keywords:

  • Breaking News
  • Hacking
  • ATM
  • Diebold Nixdorf
  • information security news
  • Pierluigi Paganini
  • RCE
  • Security Affairs
  • Security News

    Automated teller machine vendor Diebold Nixdorf has released security updates to address a remote code execution vulnerability in older ATMs. Diebold Nixdorf discovered a remote code execution vulnerability in older ATMs and is urging its customers to install security updates it has released to address the flaw. The vulnerability affects older Opteva model ATMs, Diebold Nixdorf […] The post Critical RCE affects older Diebold Nixdorf ATMs appeared first on Security Affairs.

    Russian military plans to replace Windows with Astra Linux

    Published: 2019-06-01 06:55:22

    Popularity: 417

    Author: Pierluigi Paganini

    Keywords:

  • Breaking News
  • Security
  • Astra Linux
  • information security news
  • LINUX
  • Pierluigi Paganini
  • Russia
  • Security Affairs
  • Security News
  • Windows

    The Russian army seems to be in the process of replacing the Windows system with the Debian-based Linux distribution Astra Linux. Cyber security seems to subvert the globalization concept, governments are working to develop their own technology fearing possible espionage and sabotage activities of foreign states. The Russian military is in the process of replacing […] The post Russian military plans to replace Windows with Astra Linux appeared first on Security Affairs.

    Two students uncovered a flaw that allows to use laundry machines for free

    Two students discovered a security flaw in over a million internet-connected laundry machines that could allow laundry for free. CSC ServiceWorks is a company that provides laundry services and air vending solutions for multifamily housing, academic institutions, hospitality, and other commercial sectors. They manage and operate many internet-connected laundry machines and systems, offering services such […]

    CISA adds GitLab flaw to its Known Exploited Vulnerabilities catalog

    CISA adds GitLab Community and Enterprise Editions improper access control vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a GitLab Community and Enterprise Editions improper access control vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. The issue, tracked as CVE-2023-7028 (CVSS score: 10.0), is an account takeover via Password Reset. The […]

    Ticketmaster confirms data breach impacting 560 million customers

    🤖: "Data gone wrong"

    Ticketmaster owner Live Nation confirmed the Ticketmaster data breach that compromised the data of 560 million customers. ShinyHunters, the current administrator of BreachForums, recently claimed the hack of Ticketmaster and offered for sale 1.3 TB of data, including full details of 560 million customers, for $500,000. Stolen data includes names, emails, addresses, phone numbers, ticket sales, […]

    An XSS flaw in GitLab allows attackers to take over accounts

    🤖: "Hack alert!"

    GitLab addressed a high-severity cross-site scripting (XSS) vulnerability that allows unauthenticated attackers to take over user accounts. GitLab fixed a high-severity XSS vulnerability, tracked as CVE-2024-4835, that allows attackers to take over user accounts. An attacker can exploit this issue by using a specially crafted page to exfiltrate sensitive user information. The vulnerability impacts versions 15.11 before […]

    Threat actors exploit Atlassian Confluence bug in cryptomining campaigns

    🤖: "Crypto mining chaos"

    Threat actors are actively exploiting a critical flaw in the Atlassian Confluence Data Center and Confluence Server in cryptocurrency mining campaigns. The critical vulnerability CVE-2023-22527 (CVSS score 10.0) in the Atlassian Confluence Data Center and Confluence Server is being actively exploited for cryptojacking campaigns. The vulnerability is a template injection vulnerability that can allow remote […]

    Quishing, an insidious threat to electric car owners

    🤖: "Charging drama"

    Quishing is a type of phishing attack where crooks use QR codes to trick users into providing sensitive information or downloading malware. In recent years, the spread of electric cars has led to an increase in public charging stations. However, new cyber threats have emerged with this growth, including “quishing.” This term, a combination of […]

    GitLab fixed a critical flaw in GitLab CE and GitLab EE

    🤖: "Git bug squashed"

    GitLab addressed multiple vulnerabilities impacting GitLab CE/EE, including a critical pipeline execution issue. GitLab released security patches for 17 vulnerabilities in GitLab CE (Community Edition) and EE (Enterprise Edition). One of these vulnerabilities is a critical pipeline execution flaw, tracked as CVE-2024-6678 (CVSS score of 9.9), that could allow an attacker to trigger a pipeline […]

    U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog

    🤖: "Exploit alert!"

    U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Veeam Backup and Replication vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the Veeam Backup and Replication flaw CVE-2024-40711 (CVSS score of 9.8) to its Known Exploited Vulnerabilities (KEV) catalog. This week, Sophos researchers warned that ransomware operators are exploiting the […]
