A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! Blur data leak potentially exposed data of 2.4 […]
The American hacktivist Martin Gottesfeld (34) has been sentenced to 10 years in prison for carrying out DDoS attacks against two healthcare organizations in the US in 2014. The alleged Anonymous member, Martin Gottesfeld, was accused of launching DDoS attacks against the two US healthcare organizations in 2014, the Boston Children’s Hospital and the Wayside […]
Rapid7 announced the release of Metasploit 5.0, the latest version of the popular penetration testing framework that promises to be very easy to use. Rapid7 announced the release of Metasploit 5.0, the new version includes several new important features and, the company believes it will easier to use and more powerful. Most important changes introduced […]
Z-WASP attack: Phishers are using a recently fixed flaw in Office 365 that allows them to bypass protections using zero-width spaces and deliver malicious messages to recipients. Microsoft recently fixed a vulnerability in Office 365 that was exploited by attackers to bypass existing phishing protections and deliver malicious messages to victims’ inboxes. The vulnerability ties with the […]
The British hacker Daniel Kaye has been sentenced to 32 months in prison for the cyberattack on Liberian telecom firms. The British hacker Daniel Kaye (29) has been sentenced to 32 months in prison for the 2016 attack that took down telecommunications services in Liberia. Kaye pleaded guilty in December to two charges under the Computer Misuse […]
Victims of the PyLocky Ransomware can use a tool released by security researcher Mike Bautista at Cisco Talos group to decrypt their files for free. I have good and bad news for the victims of the PyLocky Ransomware. The good news is that security researcher Mike Bautista at Cisco Talos group released a decryption tool […]
The social media platform Reddit has notified users that some of them have been locked out of their accounts after detecting suspicious activity. Reddit locked down a large number of user accounts after due to a security concern after detecting suspicious activity on them. “If you are here because you’ve been locked out of your […]
Cisco addressed two DoS vulnerabilities in CISCO ESA products that can be exploited by remote unauthenticated attacker. Cisco fixed two denial-of-service (DoS) flaws in Email Security Appliance (ESA) products that can be exploited by a remote unauthenticated attacker. The first flaw tracked as CVE-2018-15453 has been rated as “critical,” it is a memory corruption bug caused […]
Security expert uncovered a DNS hijacking campaign targeting organizations in various industries worldwide and suspects Iranian APT groups. Security experts at FireEye uncovered a DNS hijacking campaign that is targeting government agencies, ISPs and other telecommunications providers, Internet infrastructure entities, and sensitive commercial organizations in the Middle East, North Africa, North America and Europe. According […]
Experts disclosed three flaws in the systemd, a software suite that provides fundamental building blocks for Linux operating systems. Security firm Qualys has disclosed three flaws (CVE-2018-16864, CVE-2018-16865, and CVE-2018-16866 ) in a component of systemd, a software suite that provides fundamental building blocks for a Linux operating system used in most major Linux distributions. […]