Bad news for Linux users, a flaw tracked as CVE-2019-12735 allows to hack their systems by tricking them into opening a specially crafted file in Vim or Neovim Editor. Security expert Armin Razmjou has recently found a high-severity vulnerability (CVE-2019-12735) in Vim and Neovim command-line text editing applications. The vulnerability, tracked as CVE-2019-12735, is classified as an arbitrary OS command […]
Security expert discovered an exposed database belonging to Shanghai Jiao Tong University containing 8.4TB in email metadata. Cloudflare Director of Trust & Safety Justin Paine discovered an unprotected database owned by Shanghai Jiao Tong University that was exposed online. The Shanghai Jiao Tong University is considered one of the most prominent academic institution based in […]
Retro video game website Emuparadise revealed to have suffered a data breach that exposed 1.1 Million accounts back in April 2018. Emuparadise is a website that offers tons of roms, isos and retro video games, users can download and play them with an emulator or play them with the web browser. The security breach occurred in […]
Microsoft is warning of an active spam campaign targeting European languages that leverages an exploit to infect simply by opening the attachment. Microsoft issued a warning on Friday about an ongoing spam campaign that is targeting European users. Spam messages are carrying weaponized RTF documents that could infect users with malware without any user interaction, […]
Millions of Exim mail servers are exposed to attacks due to a critical vulnerability that makes it possible for unauthenticated remote attackers to execute arbitrary commands. A critical vulnerability affects versions 4.87 to 4.91 of the Exim mail transfer agent (MTA) software. The flaw could be exploited by unauthenticated remote attackers to execute arbitrary commands […]
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Kindle Edition Paper Copy Once again thank you! ESET analyzes Turla APTs usage of weaponized PowerShell Leicester City Football Club disclosed a card breach ProtonMail denies that it spies on users for government agencies Expert shows how […]
Automated teller machine vendor Diebold Nixdorf has released security updates to address a remote code execution vulnerability in older ATMs. Diebold Nixdorf discovered a remote code execution vulnerability in older ATMs and is urging its customers in installing security updates it has released to address the flaw. The vulnerability affects older Opteva model ATMs, Diebold Nixdorf […]
A security researcher found new evidence of activities conducted by the ICEFOG APT group, also tracked by the experts as Fucobha. Chi-en (Ashley) Shen, a senior security researcher at FireEye, collected evidence that demonstrates that China-linked APT group ICEFOG (aka Fucobha) is still active. The activities of the APT group were first uncovered by Kaspersky […]
On June 6, for more than two hours China Telecom re-routed through its infrastructure a large chunk of European mobile traffic. In November security researchers Chris C. Demchak and Yuval Shavitt published a paper that detailed how China Telecom has been misdirecting Internet traffic through China over the past years. The experts speculate that they were […]
Cisco Talos experts uncovered a new wave of attacks tracked as Frankenstein campaign, attackers used tools built by combining four open-source techniques. Security experts at Cisco Talos uncovered a series of highly targeted attacks, tracked as Frankenstein campaign, hackers used tools built by combining four different open-source techniques. Attackers behind the Frankenstein campaign carried out […]