Wikileaks released the documentation for HighRise, an Android app used by the CIA to intercept and redirecting SMS messages to a CIA-controlled server. WikiLeaks just published a new batch of documents related to another CIA hacking tool dubbed HighRise included in the Vault 7 released in partnership with media partners. The tool is an Android application […]
As part of the Microsoft Patch Tuesday, the tech giant fixed two critical flaws in Windows NTLM Security Protocol. Users must apply the patch asap. As part of the July Patch Tuesday, Microsoft has released security patches for a serious privilege escalation flaw affecting all Windows operating system versions for enterprises released since 2007. Experts at […]
Katyusha Scanner is a new fully automated SQLi vulnerability scanner discovered by researchers at security firm Recorded Future. Recorded Future security researchers have discovered a fully automated SQLi vulnerability scanner, dubbed Katyusha Scanner, on a hacking forum. The tool is offered for sale for just $500, it allows mass scans, simply managed from a smartphone […]
SAP has released its SAP Security Notes for July 2017 that includes 23 patches, the most severe is a SAP POS flaw that affects about 500 billion installs SAP has released its Security Notes for July that includes 23 patches with the majority of them rated medium. The most severe issue is a high-risk DoS vulnerability […]
Adobe released new versions of Flash Player and Connect web conferencing software to fix important and critical vulnerabilities. According to the security advisory published by Adobe for Flash Player, the new version 26.0.0.137 patches three critical vulnerabilities, including a remote code execution flaw tracked as CVE-2017-3099 that can be exploited by attackers to take full control of affected systems. […]
Security experts at TrendMicro discovered that the notorious Adwind RAT has resurfaced targeting enterprises in the Aerospace industries worldwide. Crooks are even more opportunists, they continually innovate their TTPs to maximize their profits to target the largest number of victims. Security experts at TrendMicro have discovered that the notorious Adwind RAT has resurfaced and cyber criminals are using it […]
The Open source devops platform Cloud Foundry fixed a bug that affects its User Account and Authentication server software. The Open source devops platform Cloud Foundry has disclosed a vulnerability, tracked as CVE-2017-8032, that affects its User Account and Authentication server software. The flaw, rated by the organization as high-severity, could be exploited by zone […]
Since May, APT actors have been penetrating the networks of US companies that operate nuclear facilities and that works in the energy industry. According to a joint report issued by the Department of Homeland Security and the FBI published last week, since May, hackers have been penetrating the networks of businesses that operate nuclear power stations, manufacturing […]
Experts found a flaw in Humax WiFi Router model HG-100R that could be triggered to fully compromise the devices. A zero-day vulnerability in Humax WiFi Router model HG-100R could be exploited by attackers to compromise the WiFi credentials and obtain the router console administrative password. Trustwave SpiderLabs researchers discovered. The issue was found by researchers […]
Researchers have exploited vulnerabilities in the implementation of the GMR-2 cipher decrypt satellite phone communications in fractions of a second. Two Chinese security researchers have exploited vulnerabilities in the implementation of the GMR-2 standard that could be exploited to decrypt satellite phone communications in fractions of a second. The GMR-2 is a stream cipher with 64-bit key-length […]