APT33, the Iran-linked APT group, has been using multiple layers of obfuscation to run a dozen live C2 servers for extremely targeted attacks. APT33, the Iran-linked APT group, has been using multiple layers of obfuscation to run a dozen live C2 servers...
McAfee a vulnerability in its antivirus software that could allow an attacker to escalate privileges and execute code with SYSTEM privileges. Security experts at SafeBreach have discovered a vulnerability in McAfee antivirus software tracked as CVE-2019-3648...
Eclypsium experts found a vulnerability affecting the popular PMx Driver Intel driver that can give malicious actors deep access to a device. In August, Eclypsium researchers found multiple serious vulnerabilities in more than 40 device drivers from...
ZombieLoad 2, aka TSX Asynchronous Abort, is a new flaw that affects the latest Intel CPUs that could be exploited to launch TSX Speculative attack. ZombieLoad 2, aka TSX Asynchronous Abort, is a new vulnerability tracked as CVE-2019-11135 that affects...
Microsoft’s Patch Tuesday updates for November 2019 address over 70 flaws, including an Internet Explorer issue (CVE-2019-1429) that has been exploited in attacks in the wild. Microsoft’s Patch Tuesday updates for November 2019 address 74 flaws,...
On Sunday, the Mexican state-owned oil company Petróleos Mexicanos (Pemex) was infected with the DoppelPaymer ransomware. On Sunday, a piece of the DoppelPaymer ransomware infected systems of the Mexican state-owned oil company Petróleos Mexicanos...
The analysis of a malicious email revealed a possible raising interest of the TA505 cybercrime gang in system integrator companies. Introduction During a normal monitoring activity, one of the detection tools hits a suspicious email coming from...
Researchers from Radware reported that massive TCP SYN-ACK DDoS reflection attacks hit Amazon, SoftLayer and telecom infrastructure in the last month. Researchers from Radware are warning of a wave of TCP SYN-ACK DDoS reflection attacks that in the last...
Crowdsourced security platform Bugcrowd announced it paid over $500,000 in bug bounty rewards during the last week of October. Bug bounty program could represent an excellent opportunity to monetize your passion, in just one week crowdsourced security...
This is really an embarrassing incident, ZoneAlarm forum site has suffered a data breach exposing data of its discussion forum users. ZonaAlarm, the popular security software firm owned by Check Point Technologies, has suffered a data breach. According...