The Drupal development team has fixed the drupalgeddon2 vulnerability that could be exploited by an attacker to take over a website. A few days ago, Drupal Security Team confirmed that a “highly critical” vulnerability, tracked as CVE-2018-7600, affects Drupal 7 and 8 core and announced the availability of security updates on March 28th. The vulnerability was discovered […]
This week Cisco patched three critical vulnerabilities affecting its operating system IOS XE, two of them are remote code execution flaws that could be exploited by an attacker to gain full control over vulnerable systems. Cisco March 2018 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication addressed 22 vulnerabilities, 3 of them rated as […]
According to a report from the Seattle Times, the dreaded WannaCry ransomware hit a Boeing production plant in Charleston, South Carolina on Wednesday. WannaCry is back, this time it infected some systems belonging to US aircraft manufacturer Boeing. According to a report from the Seattle Times, the dreaded ransomware hit a Boeing production plant in Charleston, South Carolina on […]
Another US city hit by hackers, over the weekend, a cyber attack took down part of Baltimore 911 system for seventeen hours. Part of its 911 service at the US city of Baltimore was taken down during the weekend by a cyber attack. The attackers targeted a specific server and took down the CAD system from 8.30am […]
A security researcher discovered that some of the Windows updates released by Microsoft to mitigate the Meltdown flaw introduce a severe bug. Meltdown and Spectre security updates made the headlines again, according to the security researcher Ulf Frisk some of them issued for Windows introduce a severe flaw. The Meltdown and Spectre security updates released by Microsoft in January and […]
A recently discovered Microsoft Office document exploit builder kit dubbed ThreadKit has been used to spread a variety of malware, including RATs and banking Trojans. Security experts at Proofpoint recently discovered a Microsoft Office document exploit builder kit dubbed ThreadKit that has been used to spread a variety of malware, including banking Trojans and RATs (i.e. Trickbot, Chthonic, FormBook and […]
A vulnerability in the iOS Camera App could be exploited by hackers to redirect users to a malicious website, the issue affects the built-in QR code reader. The iOS Camera App is affected by a bug that could be exploited by hackers to redirect users to a malicious website, the issue resides in the built-in QR code […]
Cyber security researcher Paolo Stagno (aka VoidSec) has tested seventy VPN providers and found 16 of them leaks users’ IPs via WebRTC (23%) You can check if your VPN leaks visiting: http://ip.voidsec.com Here you can find the complete list of the VPN providers that I’ve tested: https://docs.google.com/spreadsheets/d/1Nm7mxfFvmdn-3Az-BtE5O0BIdbJiIAWUnkoAF_v_0ug/edit#gid=0 Add a comment or send me a tweet if you have […]
BranchScope is a new side-channel attack technique that like Meltdown and Spectre attacks can be exploited by an attacker to obtain sensitive information from vulnerable processors. A group of researchers from the College of William & Mary, University of California Riverside, Carnegie Mellon University in Qatar, and Binghamton University has discovered a new side-channel attack dubbed […]
Who is behind the newborn Grey Heron surveillance company? According to an investigation conducted by Motherboard, the firm is linked to the Italian surveillance firm Hacking Team. The development and sale of surveillance software is a profitable business, many government agencies use spyware for different purposes, in some their involvement is very questionable. Early this month, […]