A group under the Magecart umbrella adopted a new tactic that leverages on MiTM and phishing attacks to target sites using external payment processors. Security experts at RiskIQ continue to monitor activities of several Magecart groups, recently they spotted a new crew, tracked as Full(z) House, that leverages phishing and web skimming for its attacks. The Full(z) […]
Kaspersky has fixed several flaws affecting the web protection features implemented in some of its security products Kaspersky has addressed several vulnerabilities in the web protection features implemented in its antivirus solutions, including Internet Security, Total Security, Free Anti-Virus, Security Cloud, and Small Office Security products. The vulnerabilities were found by the security researcher Wladimir […]
A Czech intelligence report states that Russian and Chinese cyberspies carried out several attacks against the country during 2018. The Czech intelligence agency ‘Security Information Service (BIS)’ published a report on the activities related to 2018 that claims that Russian and Chinese cyberspies carried out several attacks against the country. The agency claims that nation-state […]
Aircraft warning lights, an essential component of the aviation infrastructure, but they pose a serious risk if controlled by hackers. The independent researcher Amitay Dan discovered that control panels for aircraft warning lights were exposed to the Internet, potentially allowing attackers to control them with unpredictable and catastrophic consequences. Aircraft warning lights are important components of […]
Some third-party apps quietly scraped personal information from people’s accounts from Twitter and Facebook, the social media companies claim. Facebook and Twitter revealed that some third-party apps quietly scraped personal information from people’s accounts without their consent. According to the company, the cause of behavior that violates their policies is a couple of “malicious” software […]
Researchers at SEC Consult Vulnerability Lab discovered multiple issues in several security products from Fortinet, including hardcoded key and encryption for communications. Security researchers from SEC Consult Vulnerability Lab discovered that multiple Fortinet products use a weak encryption cipher (âXORâ with a static key) and cryptographic keys to communicate with the FortiGuard Web Filter, AntiSpam […]
Over the summer, the Apache Solr team addressed a remote code execution flaw, not a working exploit code was published online. The bug addressed by the Apache Solr team fixed over the summer is more dangerous than initially thought. Apache Solr is a highly reliable, scalable and fault-tolerant, open-source search engine written in Java. Solr […]
Livingston School District in New Jersey is the last victim of a ransomware attack that caused a two hour delayed opening. Students at the Livingston public school district in New Jersey are undoubtedly happy for a two hour delayed opening tomorrow. A new ransomware attack hit a school district in the US, the malware has […]
Malware Hunter – One year after its launch, Marco Ramilli shared the results of its project that has analyzed more than 1 Million malware samples. Malware Hunter – One year ago I decided to invest in static Malware Analysis automation by setting up a full-stack environment able to grab samples from common opensources and to […]
U.S. Federal Communications Commission has cut off government funding for equipment from Huawei and ZTE due to security concerns. U.S. Federal Communications Commission has cut off government funding for equipment from the Chinese companies Huawei and ZTE due to security concerns. The Federal Communications Commission is also requesting to the government to assign subsidies to […]