UK authorities have seized over £920,000 ($1.1 million) worth of Bitcoin from a prolific hacker, the funds will be used to compensate his victims. Grant West, aka ‘Courvoisier,’ is a hacker that was arrested by the police on September 2017 as result of a two-year-long investigation code-named ‘Operation Draba.’ The man was charged with multiple […]
Some versions of the Squid web proxy cache server built with Basic Authentication features are affected by a heap buffer overflow vulnerability. The heap buffer overflow security flaw, tracked as CVE-2019-12527, could be exploited by attackers to trigger DoS condition and also to execute arbitrary code on the vulnerable servers. The flaw received a high severity CVSS […]
Mastercard disclosed a data breach that impacted customer data from the company’s Priceless Specials loyalty program. The American multinational financial services corporation notified the data breach to the German and Belgian Data Protection Authorities. The data leaked online includes customers’ names, payment card numbers, email addresses, home addresses, phone numbers, gender, and dates of birth. “The Belgian Data […]
Researchers at Pen Test Partners (PTP) discovered a privilege-escalation vulnerability in Lenovo Solution Centre (LSC) tracked as CVE-2019-6177. Security experts at Pen Test Partners (PTP) discovered a privilege-escalation vulnerability in Lenovo Solution Centre (LSC) that exists since 2011. “A vulnerability reported in Lenovo Solution Center version 03.12.003, which is no longer supported, could allow log […]
Experts at Trend Micro discovered a new variant of the Asruex Trojan that exploits old Microsoft Office and Adobe vulnerabilities to infect systems. Malware researchers at Trend Micro discovered a new variant of the Asruex Trojan that exploits old Microsoft Office and Adobe vulnerabilities to infect Windows and Mac systems. Asruex first appeared in the […]
Hackers are exploiting recently disclosed flaws in enterprise virtual private network (VPN) products from Fortinet and Pulse Secure. The popular cybersecurity expert Kevin Beaumont has observed threat actors attempting to exploit the CVE-2018-13379 in the FortiOS SSL VPN web portal and CVE-2019-11510 flaw in Pulse Connect Secure. The CVE-2018-13379 is a path traversal vulnerability in the […]
The Ukrainian Secret Service is investigating the case of employees at a nuclear power plant that connected its system online to mine cryptocurrency. The Ukrainian Secret Service (SBU) launched an investigation after employees at a local nuclear power plant connected some systems of the internal network to the Internet to mine cryptocurrency. The incident was […]
Cisco provided updates for security advisories for three flaws affecting Cisco Small Business 220 Series Smart Switches patched in early August. Cisco has updated security advisories for three vulnerability in Cisco Small Business 220 Series Smart Switches that have been patched in early August. The three vulnerabilities were reported by the security researcher Pedro Ribeiro, […]
Cisco released security patches to address 17 critical and high-severity vulnerabilities affecting some Cisco Unified Computing products (UCS and IMC). Cisco has released security fixes to address 17 critical and high-severity vulnerabilities affecting some Cisco Unified Computing products. Most of the flaws affect the Integrated Management Controller (IMC) that is a baseboard management controller that […]
ESET experts discovered that an Android app infected with AhMyth open-source RAT has bypassed the security of Google Play twice over two weeks. The popular malware researcher Lukas Stefanko from ESET discovered that a malicious spyware, built on the AhMyth open-source espionage tool, was uploaded on Google Play twice over two weeks, bypassing Google security […]