An expert analyzed the level of security of avionics systems used in small airplanes, and the results are disconcerting. Patrick Kiley, a senior security consultant at Rapid7 conducted an investigation into the security of avionics systems inside small airplanes. The results are disconcerting it is quite easy to hack a small plane. Kiley, which is […]
Researchers at RIPS Technologies discovered vulnerabilities in the OXID eShop platform that could expose eCommerce websites to hack. Experts at RIPS Technologies discovered several flaws in the OXID eShop platform that could be exploited by unauthenticated attackers to compromise eCommerce websites. OXID eShop is a popular e-commerce software platform used by important brands like Mercedes […]
Experts warn of a new campaign carried out by threat actors that are wiping Iomega NAS devices exposed online. Security experts are warning of a campaign carried out by attackers that are deleting files on publicly accessible Lenovo Iomega NAS devices. Likely attackers use the Shodan search engine to find unprotected IOmega NAS exposed online […]
Security experts at Google disclosed details and proof-of-concept exploit codes for 4 out of 5 security vulnerabilities in Apple iOS. Researchers at Google disclosed details and proof-of-concept exploit codes for 4 out of 5 security vulnerabilities in Apple iOS that could be exploited by attackers to hack Apple devices by sending a specially-crafted message over […]
While Capital One incident is making the headlines, another incident may have severe consequences, the Los Angeles Police Department (LAPD) also suffered a data breach. The Los Angeles Police Department (LAPD) suffered a data breach that exposed the names, email addresses, passwords, and birth dates for thousands of police officers and applicants. The NBCLosAngeles confirmed that […]
Experts spotted a Java ATM malware that was relying on the XFS (EXtension for Financial Service) API to “jackpot” the infected machine Introduction Recently our attention was caught by a really particular malware sample most probably linked toa recent cybercriminal operation against the banking sector. This piece of malicious code is a so-called ‘ATM malware‘: […]
Capital One, one of the largest U.S. –card issuer and financial corporation suffered a data breach that exposed personal information from more than 100 million credit applications. A hacker that goes online with the handle “erratic” breached the systems at Capital One and gained access to personal information from 106 million Capital One credit applications. […]
Security experts at Armis have discovered a dozen zero-day vulnerabilities affecting the VxWorks real-time operating systems (RTOS) for embedded devices. Researchers at Armis Labs have discovered a dozen zero-day flaws in the VxWorks real-time operating systems (RTOS) for embedded devices. The collection of vulnerabilities was dubbed URGENT/11, it includes 11 flaws, 6 of which are […]
Security experts at Plugin Vulnerabilities have discovered an authenticated Persistent Cross-Site Scripting (XSS) flaw in Facebook Widget. Researchers at Plugin Vulnerabilities have discovered an authenticated Persistent Cross-Site Scripting (XSS) flaw in the Facebook Widget (Widget for Facebook Page Feeds). The plugin is one of the 1,000 most popular plugins and it was closed on the […]
Watch out! Playing a video on Android devices could be a dangerous operation due to a critical CVE-2019-2107 RCE flaw in Android OS between version 7.0 and 9.0. Playing a specially-crafted video on devices with the Android’s native video player application could allow attackers to compromise them due to a dangerous critical remote code execution […]