The Internet-Draft document if approved formally deprecates Transport Layer Security versions 1.0 (TLS 1.0) [RFC2246] and 1.1 (TLS 1.1) [RFC4346]. In March, the Internet Engineering Task Force (IETF) finally announced the approval of TLS 1.3, the new version of the Transport Layer Security traffic encryption protocol. It was a long journey, the IETF has been analyzing proposals for TLS 1.3 since April 2014, the […]
Malware researchers from ESET have discovered a new strain of Android RAT, tracked as HeroRat, that leverages Telegram protocol for command and control, and data exfiltration. HeroRat isn’t the first malware abusing Telegram protocol, past investigation reported similar threats like TeleRAT and IRRAT. The new RAT has been in the wild at least since August 2017 and in March […]
Fortnite is currently the most popular game, crooks are attempting to exploit the interest in forthcoming Fortnite Android to infect millions of fans. No doubt, Fortnite is currently the most popular game, it is a co-op sandbox survival game developed by Epic Games and People Can Fly. The game was released as a paid-for early access title […]
Researchers from cybersecurity firm VDOO have discovered several vulnerabilities affecting nearly 400 security cameras from Axis Communications. Researchers from cybersecurity firm VDOO have conducted a study on IoT devices and discovered seven vulnerabilities in cameras manufactured by Axis Communications. According to the vendor, nearly 400 models are affected by the issue and Axis has released […]
The US DHS and the FBI have published a new joint report that includes technical details of a piece of malware allegedly used by the Hidden Cobra APT. A new joint report published by US DHS and FBI made the headlines, past document details TTPs associated with North Korea-linked threat groups, tracked by the US government as […]
Following the recent hack of a US Navy contractor security experts found evidence of very recent activity by the China-linked APT group tracked as APT15. The China-linked APT15 group (aka Ke3chang, Mirage, Vixen Panda, Royal APT and Playful Dragon) has developed a new strain of malware borrowing the code from one of the tool he used in past […]
A new crypto mining malicious code dubbed ADB.miner is targeting Android-based devices Amazon Fire TV and Fire Stick. Recently, security experts spotted the crypto mining malware ADB.miner (Android.CoinMine.15) targeting Amazon Fire TV and Fire TV Stick devices. The malicious code is active at least since February when researchers at Qihoo 360’s Netlab have spotted the Android mining botnet […]
Apple introduced a new feature in the latest beta versions of iOS, dubbed USB Restricted Mode, to improve the security of a locked device, Apple is implementing a new feature dubbed USB Restricted Mode to improve the security of its device, it is going to lock down the iPhone’s data port to avoid unauthorized access, […]
Schneider Electric has patched last week four flaws affecting the U.motion Builder software, including two critical command execution vulnerabilities. Schneider Electric U.motion Builder is a tool designed for creating projects for U.motion devices that are used in critical manufacturing, energy, and commercial facilities industries. “This exploit occurs when the submitted data of an input string is evaluated […]
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! · Crooks used a KilllDisk wiper in an […]