Adobe released security updates for Adobe Illustrator, Bridge, and Magento that fix several issues, including multiple remote code execution flaws. Adobe has released security updates that address multiple vulnerabilities in Adobe Illustrator, Bridge, and Magento, including some critical remote code execution flaws. The remote code execution flaws could be exploited by an attacker to execute commands […]
Timetv.live is the latest Azeri news site targeted by Denial of Service (DDoS) attacks launched by Sandman threat actor, the attack took place on March 21, 2020. Original Post by Qurium: *Qurium’s forensics report:* Sandman and Fineproxy behind the DDoSAttacks against TimeTV.Live https://www.qurium.org/alerts/azerbaijan/sandman-and-fineproxy-behind-the-ddos-attacks-against-timetv-live/ Timetv.live is the latest Azeri news site targeted by Denial of Service attacks. […]
The Outlaw Hacking Group is back, malware researchers from Cybaze-Yoroi ZLab have uncovered a new botnet that is targeting European organizations Introduction During our daily monitoring activities, we intercepted a singular Linux malware trying to penetrate the network of some of our customers. The Linux malware is the well-known “Shellbot”, it is a crimetool belonging […]
A bug in the Real-Time Find and Replace WordPress plugin could allow hackers to hackers to create rogue admin accounts on over 100,000 sites. A vulnerability in the Real-Time Find and Replace WordPress plugin could be exploited by attackers to create rogue admin accounts. The Real-Time Find and Replace WordPress plugin is currently installed on over 100,000 sites, it […]
Experts discovered how to take over Microsoft Teams accounts by just sending recipients a regular GIF, it works for both desktop and web Teams versions. Microsoft has addressed a vulnerability in Teams workplace video chat and collaboration platform that could have allowed attackers to take Team accounts by sending participants a malicious link to an […]
Experts managed to sinkhole several C2 servers of the VictoryGate botnet that already infected over 35,000 devices and propagates via infected USB devices. The VictoryGate botnet is active since at least May 2019, the botnet is more active in Latin America the most. More than 90% of the infected devices are located in Peru. Experts from […]
Cybersecurity firm Sophos releases an emergency patch to address an SQL injection flaw in its XG Firewall product that has been exploited in the wild. Cybersecurity firm Sophos has released an emergency patch to address an SQL injection zero-day vulnerability affecting its XG Firewall product that has been exploited in the wild. Sophos was informed […]
This post includes the details of the Coronavirus-themed attacks launched from April 19 to April 25, 2020. Please give me your vote for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERShttps://docs.google.com/forms/d/e/1FAIpQLSe8AkYMfAAwJ4JZzYRm8GfsJCDON8q83C9_wu5u10sNAt_CcA/viewform Threat actors exploit the interest in the Coronavirus outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases. Below […]
A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Please give me your vote for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERShttps://docs.google.com/forms/d/e/1FAIpQLSe8AkYMfAAwJ4JZzYRm8GfsJCDON8q83C9_wu5u10sNAt_CcA/viewform Are Maze operators behind the attack on the IT services giant Cognizant? Coronavirus-themed attacks April 12 – April 18, 2020 Cyberattack reports quadrupled […]
Experts from Cyble identified a threat actor attempting to sell Huiying Medical Technology’s source code for AI-assisted COVID-19 detection and experimental data. Researchers from the data breach notification firm Cyble have identified a credible bad actor that goes online with moniker ‘THE0TIME’ claiming to have gained access to Huiying Medical Technology’s COVID-19 detection’s technology. “As part of […]