Security experts discovered a vulnerability in the popular Evernote Web Clipper for Chrome can be exploited to steal sensitive data from sites visited by users. Security experts at browser security firm Guardio discovered a critical universal cross-site scripting (XSS) vulnerability in the Evernote Web Clipper for Chrome. “In May 2019 Guardio’s research team has discovered […]
Tavis Ormandy, a white hat hacker Google Project Zero announced to have found a zero-day flaw in the SymCrypt cryptographic library of Microsoft’s operating system. The recently released Microsoft Patch Tuesday security updates for June 2019 failed to address a flaw in SymCrypt, a core cryptographic function library currently used by Windows. The flaw could be […]
After two years of silence, FIN8 group is back and carried out a new campaign against the hotel-entertainment industry employing the ShellTea/PunchBuggy backdoor. Two years later after the last report, FIN8 group is back and carried out a new campaign against the hotel-entertainment industry using an improved version of the ShellTea/PunchBuggy backdoor. The last time […]
The English rock Radiohead released 18-hour trove of private recordings from their 1997 album “OK Computer” in response to the recent hack. The alternative rock band Radiohead released an 18-hour trove of private recordings from their 1997 album “OK Computer” after being hacked by crooks that demanded a ransom of $150,000 for the music. Radiohead uploaded 1.8-gigabyte […]
Security researchers disclosed the details of RAMBleed, a new type of side-channel attack on DRAM that can allow stealing sensitive data from a memory. A team of academics from several universities has disclosed the details a new type of side-channel attack on dynamic random-access memory (DRAM), dubbed RAMBleed. The RAMBleed issue, tracked as CVE-2019-0174, could […]
Microsoft releases Patch Tuesday security updates for June 2019 that address 88 vulnerabilities in Windows OS and other products. Microsoft Patch Tuesday security updates for June 2019 address 88 vulnerabilities in Windows OS and other products of the tech giant (Internet Explorer, Microsoft Edge browser, Microsoft Office and Services, ChakraCore, Skype for Business, Microsoft Lync, […]
Adobe Patch Tuesday updates for June 2019 address several critical arbitrary code execution flaws in Flash Player, ColdFusion and Campaign products. Adobe Patch Tuesday security updates for June 2019 address some critical arbitrary code execution vulnerabilities in Flash Player, ColdFusion and Campaign products. Adobe fixed critical command injection, file extension blacklist bypass and deserialization vulnerabilities […]
Security researchers at Alert Logic have discovered a vulnerability in the WordPress Live Chat plugin that could be exploited to steal and hijack sessions. Experts at Alert Logic have discovered a vulnerability in the popular WordPress Live Chat plugin that could be exploited by an unauthorized remote attacker to steal chat logs or manipulate chat sessions. […]
Customs and Border Protection (CBP) revealed that photos of travelers and license plates collected at a single U.S. border point have been stolen by hackers. Customs and Border Protection (CBP) revealed that photos of travelers and license plates collected at a single U.S. border point have been stolen as a result of a cyber attack. […]
For months the Italian users have been targeted by waves of malspam delivering infamous Ursnif variants, Yoroi-Cybaze ZLab detailed its evolution. Introduction For months the Italian users have been targeted by waves of malspam delivering infamous Ursnif variants. Yoroi-Cybaze ZLab closely observed these campaigns and analyzed them to track the evolution of the techniques and […]