Cisco issues a critical patch to address a remote code execution vulnerability in the Cisco WebEx software, hurry up apply it now! Cisco has issued a critical patch to fix a serious vulnerability (CVE-2018-0112) in its WebEx software that could be exploited by remote attackers to execute arbitrary code on target machines via weaponized Flash files. The vulnerability […]
After the publication of a working Proof-Of-Concept for Drupalgeddon2 on GitHub experts started observing attackers using it to deliver backdoors and crypto miners. At the end of March, the Drupal Security Team confirmed that a âhighly criticalâ vulnerability (dubbed Drupalgeddon2), tracked as CVE-2018-7600, was affecting Drupal 7 and 8 core and announced the availability of security updates on March 28th. The […]
Security experts at CSE CybSec ZLab malware Lab have conducted an interesting analysis of the principal Ransomware-as-a-Service platforms available on the dark web. Over the years, the diffusion of darknets has created new illegal business models. Along with classic illegal goods such as drugs and payment card data, other services appeared in the criminal underground, […]
Network-attached storage devices manufactured by LG Electronics are affected by a critical remote code execution vulnerability that could be exploited by attackers to gain full control of the devices. The experts at the security firm VPN Mentor found a pre-auth remote command injection vulnerability that affects the majority of LG NAS device models. “we found a way to […]
Facebook explained how it is tracking Non-Users across the Internet and for which purposes it is using their metadata. Facebook is still in the middle of a storm for its conduct and the way it approached the privacy of its users after the Cambridge Analytica case. Now Facebook is under scrutiny after Zuckerberg testified in front […]
Intel announced a new Threat Detection Technology and a framework of critical root-of-trust hardware security capabilities in its chips. Intel continues to innovate its products, the tech giant announced two new technologies, the Threat Detection Technology (TDT) and Security Essentials. The Threat Detection Technology leverages the silicon-level telemetry and functionality to allow security products detect sophisticated threats. […]
UK NCSC, DHS, and the FBI warn of Russian hacking campaign on Western networks, state-sponsored hackers are targeting network infrastructure key components. US and Britain government agencies warn of Russian state-sponsored cyber attacks to compromise government and business networking equipment. Russian hackers aim to control the data flaw “to support espionage, extract intellectual property, maintain […]
According to experts at Kaspersky, the Roaming Mantis malware is designed for distribution through a simple, but very efficient trick based on DNS hijacking. According to experts at Kaspersky, the Roaming Mantis malware is designed for distribution through a simple, but very efficient trick based on DNS hijacking. Imagine a nefarious person swapped out your […]
The UK GCHQ intelligence agency warns UK telcos firms of the risks of using ZTE equipment and services for their infrastructure. The alert was issued by the National Cyber Security Centre that said the Chinese firm “would present risk to UK national security that could not be mitigated effectively or practicably”. Let’s remind that the ZTE […]
According to Channel 2 Action News that investigated the incident, the ransomware attack on the City of Atlanta cost it at least $2.7 million. In the last weeks, I wrote about a massive ransomware attack against computer systems in the City of Atlanta. The ransomware infection has caused the interruption of several cityâs online services, including âvarious internal […]