Boffins have demonstrated how to steal a Tesla Model X in a few minutes by exploiting vulnerabilities in the car’s keyless entry system. A team of researchers from the Computer Security and Industrial Cryptography (COSIC) group at the KU Leuven University in Belgium has demonstrated how to steal a Tesla Model X in minutes by […]
TikTok has addressed a couple of security issues that could have been chained to led account takeover. The first issue addressed by the social media platform is a reflected XSS security flaw that has been reported by the bug bounty hunter Muhammed “milly” Taskiran via the bug bounty platform HackerOne. The Cross-Site-Scripting flaw affected the company […]
VMware addressed six vulnerabilities in its SD-WAN Orchestrator product that can potentially expose enterprise networks to hack. VMware last week addressed six vulnerabilities (CVE-2020-3984, CVE-2020-3985, CVE-2020-4000, CVE-2020-4001, CVE-2020-4002, CVE-2020-4003) in its SD-WAN Orchestrator product, including some issues that can be chained by an attacker to hijack traffic or shut down an enterprise network. The following […]
The U.S. FBI is warning private industry partners of a surge in Ragnar Locker ransomware activity following a confirmed attack from April 2020. The U.S. Federal Bureau of Investigation (FBI) issued a flash alert (MU-000140-MW) to warn private industry partners of an increase of the Ragnar Locker ransomware activity following a confirmed attack from April […]
Sonatype’s deep dive research allowed to identify a new family of Discord malware called CursedGrabber. Sonatype has discovered more malware in the npm registry which, following our analysis and multiple cyber threat intelligence reports, has led to the discovery of a novel and large scale malware campaign leveraging the open-source ecosystem. The malware called “xpc.js” […]
A threat actor has published online a list of one-line exploits to steal VPN credentials from over 49,000 vulnerable Fortinet VPNs. A threat actor, who goes online with the moniker “pumpedkicks,” has leaked online a list of exploits that could be exploited to steal VPN credentials from almost 50,000 Fortinet VPN devices. Researchers from Bank Security first […]
Hackers have stolen naked photos and videos from hundreds of female sports stars and celebrities and leaked them online. Threat actors have stolen naked photos and videos from hundreds of female sports stars and celebrities and leaked them online. The attack took place in the same hours as hackers hit Manchester United and brings us back […]
Two Romanians arrested for running three malware services Two Romanians have been arrested for running two malware crypter services called CyberSeal and DataProtector, and the CyberScan malware testing service. Romanian police forces have arrested this week two individuals suspected of running two malware crypter services called CyberSeal and DataProtector, and a malware testing service called […]
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Chilean-based retail giant Cencosud hit by Egregor Ransomware ShinyHunters hacked Pluto TV service, 3.2M accounts exposed The North Face website suffered a credential stuffing attack Crooks use software skimmer that […]
Officials confirm that the city of Saint John was hit by a massive cyberattack that has crippled the entire IT municipal infrastructure. The city of Saint John, Canada, was hit by a massive cyberattack that has crippled the entire IT municipal infrastructure, the incident was publicly disclosed on November 15. The cyberattack caused the shut […]