White hat hacker discovered some Windows 10 versions come with a pre-installed version of Keeper Password Manager that exposes systems to passwords stealing. I was reading Tweets when I noticed the following post: I don't want to hear about how even a password manager with a trivial remote root that shares all your passwords with […]
Voter registration data for more than 19 million California residents stored in an unsecured MongoDB instance has been deleted and held for ransom. Voter registration data for more than 19 million California residents that was stored in an unsecured MongoDB database has been deleted and held for ransom by attackers. The incident was discovered by researchers at […]
Security experts from Secureworks revealed the Lazarus APT group launched a spearphishing campaign against a London cryptocurrency company. The dreaded Lazarus APT group is back and launched a spearphishing campaign against a London cryptocurrency company to steal employee credentials. The activity of the Lazarus Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks […]
For Fox-IT disclosed a security breach that affected its infrastructure and demonstrated how to manage it in an outstanding way. The cybersecurity firm Fox-IT, one of the top security companies currently owned by the UK giant NCC Group, disclosed a security breach that affected its infrastructure. According to the firm, on September 19 an unknown attacker carried […]
Triton malware – A new strain of malware specifically designed to target industrial control systems (ICS) system has been spotted by researchers at FireEye A new strain of malware dubbed Triton specifically designed to target industrial control systems (ICS) has been spotted by researchers at FireEye. The Triton malware has been used in attacks aimed at an unnamed critical […]
FortiClient for Linux, Mac OSX and Windows stores encrypted VPN authentication credentials in improperly secured locations. Fortinet provided security updates for its next-generation endpoint protection FortiClient product that address a serious information disclosure vulnerability. The flaw, tracked as CVE-2017-14184, could be exploited by an attacker to obtain VPN authentication credentials. FortiClient is a powerful product that includes […]
Security researchers at Trend Micro have publicly disclosed an unpatched zero-day flaw in the firmware of AT&T DirecTV WVB kit after manufactured failed to patch it Security researchers at Trend Micro have discovered an unpatched zero-day vulnerability in the firmware of AT&T DirecTV WVB kit after the manufacturer failed to patch this flaw over the past few months. […]
ROBOT ATTACK – Security experts have discovered a 19-year-old flaw in the TLS network security protocol that affects many software worldwide. The security researchers Hanno Böck and Juraj Somorovsky of Ruhr-UniversitĂ€t Bochum/Hackmanit, and Craig Young of Tripwire VERT, have discovered a 19-year-old vulnerability in the TLS network security protocol in the software several tech giants […]
Microsoft released Patch Tuesday updates for December 2017 that address more than 30 vulnerabilities, including 19 Critical browser issues. Microsoft has released its Patch Tuesday updates for December 2017 that address more than 30 vulnerabilities, including 19 critical flaws affecting the Internet Explorer and Edge web browsers. Microsoft addressed several memory corruption flaws that can be exploited […]
Crooks are now involving a small, battery-powered device dubbed Smart Shield Detector that is able to detect digital anti-skimming technology used by ATMs. ATM skimmers are widely adopted by crooks to steal payment card data, in the last months, experts observed an increase in the number of cyber attacks against ATM involving so-called âinsert skimmers.â In response, […]