IBM addressed a shared memory vulnerability in its Db2 data management solutions that could lead to information disclosure. IBM fixed a shared memory vulnerability in its Db2 data management products that can be exploited by malicious local users to access sensitive data. The vulnerability, which is tracked as CVE-2020-4414, was discovered by researchers from Trustwave, it […]
Cisco addressed a critical default credentials vulnerability (CVE-2020-3446) affecting some configurations of its ENCS 5400-W series and CSP 5000-W series appliances. Cisco fixed a critical default credentials vulnerability impacting some configurations of its ENCS 5400-W series and CSP 5000-W series appliances. Cisco Wide Area Application Services (WAAS) is technology developed by Cisco Systems that optimizes […]
The South African branch of consumer credit reporting agency Experian disclosed a data breach that impacted 24 million customers. The South African branch of consumer credit reporting agency Experian disclosed this week a data breach that impacted 24 million customers. The company revealed that only personal information was exposed in the data breach, no financial […]
US CISA published an alert related to a new North Korean malware, dubbed BLINDINGCAN, used in attacks on the US defense and aerospace sectors. The US Cybersecurity and Infrastructure Security Agency (CISA) has published a Malware Analysis Report (MAR) that includes technical details about a new strain of malware, tracked as BLINDINGCAN, that was attributed […]
Chinese hackers have hacked thousands of Taiwan Government email accounts belonging at least 10 Taiwan government agencies, officials said. Chinese hackers have gained access to around 6,000 email accounts belonging to at least 10 Taiwan government agencies, officials said. According to a top Taiwan cyber official, the attacks are part of a cyber espionage campaign. […]
Researchers spotted a new sophisticated peer-to-peer (P2P) botnet, dubbed FritzFrog, that has been actively targeting SSH servers since January 2020. FritzFrog is a new sophisticated botnet that has been actively targeting SSH servers worldwide since January 2020. The bot is written in Golang and implements wormable capabilities, experts reported attacks against entities in government, education, and finance […]
The actively exploited Windows spoofing vulnerability (CVE-2020-1464) recently patched by Microsoft has been known for more than two years. The actively exploited Windows spoofing flaw, tracked as CVE-2020-1464 and patched last week by Microsoft, has been known for more than two years, researchers revealed. Microsoftâs August 2020 Patch Tuesday security updates addressed 120 vulnerabilities, including two zero-days […]
A remote code execution (RCE) vulnerability affecting the Concrete5 CMS exposed numerous servers to full takeover, experts warn. A recently addressed remote code execution (RCE) flaw in the Concrete5 CMS exposed numerous websites to attacks. Concrete5 is an open-source content management system (CMS) designed for ease of use, for users with a minimum of technical […]
A critical vulnerability in Jenkins server software could result in memory corruption and cause confidential information disclosure. A critical vulnerability in Jenkins server software, tracked as  CVE-2019-17638, could result in memory corruption and cause confidential information disclosure. Jenkins is the most popular open source automation server, it is maintained by CloudBees and the Jenkins community. The […]
Ukrainian authorities arrested the members of a cybercrime gang who ran 20 cryptocurrency exchanges involved in money laundering. Police in Ukraine announced the arrest of the members of a cybercrime gang composed of three individuals who ran 20 cryptocurrency exchanges used in money laundering activities. According to the Ukrainian officials, the cryptocurrency exchanges allowed crooks […]