IBM has addressed two critical vulnerabilities in IBM WebSphere Application Server that could allow a remote attacker to execute arbitrary code. In April, a security researcher who goes online with the moniker ‘tint0’ discovered three serious deserialization issues affecting the IBM WebSphere Application Server. Two of the vulnerabilities (CVE-2020-4450 and CVE-2020-4448) are remote code execution issues that […]
A threat actor is offering for sale in a darkweb black-market internal documents of the Indian defence contractor Bharat Earth Movers Limited (BEML). Researchers from cyber threat intelligence firm Cyble reported that a threat actor is offering in a darkweb black-market documents of the Indian defence contractor Bharat Earth Movers Limited (BEML). The company manufactures a variety […]
Security experts discovered a new UPnP vulnerability, dubbed Call Stranger, that affects billions of devices and could be exploited for various malicious activities. Security experts disclosed a new UPnP vulnerability, named Call Stranger, that affects billions of devices and could be exploited for various malicious activities. that affects billions of devices, it could be exploited […]
Any Indian DigiLocker Account Could’ve Been Accessed Without Password The Indian Government fixed a flaw in the secure document wallet service Digilocker that could have potentially allowed anyone’s access without password. The Indian Government announced to have fixed a critical vulnerability in its secure document wallet service Digilocker that could have potentially allowed a remote attacker […]
A researcher is warning that Google is indexing the phone numbers of WhatsApp users raising serious privacy concerns. Google is indexing the phone numbers of WhatsApp users that could be abused by threat actors for malicious activities. Even if Google Search only revealed the phone numbers and not the identities of associated users, ill-intentioned attackers […]
IBM has released open-source toolkits implementing fully homomorphic encryption (FHE) that allow researchers to process data while itâs still encrypted. IBM has released open-source toolkits implementing fully homomorphic encryption (FHE), which allows researchers to process encrypted data without having access to the actual data. The toolkits released by IBM are already available for macOS and […]
Researchers uncovered a malware campaign that is targeting Windows and Linux servers with a Golang-based malicious code called Stealthworker. Akamai researchers uncovered a malware campaign spreading a Golang-based malicious code tracked as Stealthworker. The malware targets Windows and Linux servers running popular web services and platforms including (i.e. cPanel / WHM, WordPress, Drupal, Joomla, OpenCart, Magento, […]
British Army has created a new regiment that will be tasked to operate its in-house security operations centre … cybersecurity is a pillar of UK defence strategy! The British Ministry of Defence continues to invest in cybersecurity as part of its strategy, it has launched a new regiment that will take charge of its in-house […]
This infographic includes interesting data related to the Covid-19 themed attacks observed by security researchers and law enforcement in the past months. [adrotate banner=”9″] [adrotate banner=”12″] Pierluigi Paganini (SecurityAffairs â COVID-19, hacking) [adrotate banner=”5″] [adrotate banner=”13″]
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Anonymous demands justice for George Floyd and threatens attacks ENISA published Proactive detection â Measures and information sources report Over 100K+ WordPress sites using PageLayer plugin exposed to hack Expert […]