In this post, I decided to share the details of the Coronavirus-themed attacks launched from March 22 to March 28, 2020. Threat actors exploit the interest in the COVID19 outbreak while infections increase worldwide, experts are observing new campaigns...
The FIN7 APT group has been targeting businesses with malicious USB drives and Teddy Bears sent to the victims, the FBI warns. The FBI is warning of a new wave of attacks carried out by the FIN7 APT group that is sending to the victims devices acting...
Experts discovered an easily exploitable heap-based buffer overflow flaw, tracked as CVE-2020-10245, that exists in the CODESYS web server. A critical heap-based buffer overflow flaw in a web server for the CODESYS automation software for engineering...
Experts from Qihoo 360's NetLab recently spotted two zero-day campaigns targeting DrayTek enterprise-grade networking devices. Since December 2019, researchers from Qihoo 360 observed two different attack groups that are employing two zero-days...
AMD admitted that a hacker has stolen files related to some of its graphics products, but it downplayed the potential impact of the hack. AMD admitted that a hacker that goes online with the moniker “Palesa” has stolen source code files related...
Google announced to have warned users of almost 40,000 alerts of state-sponsored phishing or malware attacks during 2019. Google shared data on alerts related to state-sponsored attacks, the tech giant revealed that it issued almost 40,000 alerts...
Researchers warn of a security flaw recently addressed in the WPvivid Backup Plugin that could be exploited to obtain all files of a WordPress website. WebARX experts warn of a missing authorization check recently addressed in the WPvivid Backup...
Researchers at Group-IB observed new financially motivated attacks in Western Europe traced to Russian-speaking threat actors. Group-IB, a Singapore-based cybersecurity company that specializes in preventing cyberattacks, has detected successful attacks...
Operation Poisoned News - Experts observed a campaign aimed at infecting the iPhones of users in Hong Kong with an iOS backdoor that allows attackers to spy on them. Security experts at Trend Micro have observed a campaign aimed at infecting the iPhones...
An unauthenticated insecure direct object reference (IDOR) issue in VLC for iOS could allow a local attacker to steal media from the storage. VLC for iOS was vulnerable to an unauthenticated insecure direct object reference (IDOR) which could allow...