Experts discovered a leaking, active database with over 123 million records belonging to Decathlon Spain (and possibly Decathlon UK as well). Experts from vpnMentor have uncovered a leaking, active database containing over 123 million records belonging to the sporting goods retailer Decathlon Spain (and possibly Decathlon UK as well). The unsecure archive is greater than […]
Tech vendor Zyxel addresses a critical vulnerability in several network-attached storage (NAS) devices that is already being exploited in the wild. Zyxel has released security patches to address a critical remote code execution vulnerability, tracked as CVE-2020-9054, that affects several NAS devices. The flaw can be exploited by an unauthenticated attacker, it resides in the weblogin.cgi CGI executable […]
Experts discovered a new critical remote code execution vulnerability in the OpenSMTPD that could allow hacking email servers running BSD or Linux. A new critical remote code execution vulnerability was discovered in the OpenSMTPD that could be exploited by attackers to take complete control over email servers running BSD or Linux operating systems. OpenSMTPD is an […]
Google has released Chrome 80 update that addresses three high-severity vulnerabilities, one of them has been exploited in the wild. Google has released Chrome 80 update (version 80.0.3987.122) that addresses three high-severity vulnerabilities, including a zero-day issue (CVE-2020-6418) that has been exploited in the wild. The CVE-2020-6418 vulnerability is a type confusion issue that affects […]
The popular cross-platform encrypted messaging service Signal has been chosen by the European Commission for its communications. The European Commission has decided to adopt for its staff the popular cross-platform encrypted messaging service Signal for its communications. The news was first reported earlier this month by the Politico website, a message issued on the commission’s […]
In this situation, ‘Est security’ found malicious code disguised as a ‘Corona 19 real-time status’ inquiry program and asked the public’s attention. The malware found is an executable program (EXE) using file names such as ‘Corona’s domestic status’ and ‘Corona’s real-time corona status.’ When you run the file, you will see a pop-up window titled […]
Security experts are warning of a new wave of attacks targeting a zero-day vulnerability in the popular Duplicator WordPress Plugin. Last week the development team behind the popular Duplicator WordPress plugin, the Snap Creek, addressed a zero-day vulnerability that affected at least 1 million websites. Now researchers at security firm WordFence are warning of a […]
Since end-December 2019 lampion malware has been noted as the most prominent malware targeting Portuguese organizations. Several devices have been infected when the victims open the zip file downloaded from the URL embedded in the malicious email that lures the Portuguese Government Finance & Tax (ATA), Energias de Portugal (EDP), and more recently the DPD firm – an international parcel delivery […]
Raccoon Malware is a recently discovered infostealer that can extract sensitive data from about 60 applications on a targeted system. Racoon malware, Legion, Mohazo, and Racealer, is an infostealer that recently appeared in the threat landscape that is advertised in hacking forums. The malware is cheap compared to similar threats, it is able to steal sensitive data […]
Slickwraps has disclosed a data breach that impacted over 850,000 user accounts, data were accidentally exposed due to security vulnerabilities. Slickwraps is an online store that offers for sale skins mobile devices, laptops, smartphones, tablets, and gaming consoles. The data leak was disclosed last week, on February 21 the company that customer records were accidentally exposed […]