Microsoft Patch Tuesday security updates for September 2021 addressed a high severity zero-day flaw actively exploited in targeted attacks. Microsoft Patch Tuesday security updates for September 2021 addressed a high severity zero-day RCE actively exploited in targeted attacks aimed at Microsoft Office and Office 365 on Windows 10 computers. The flaw, tracked as CVE-2021-40444, resides in the MSHTML, […]
Latvian vendor MikroTik revealed that recently discovered MÄris botnet is targeting devices that were compromised three years ago. Last week, the Russian Internet giant Yandex has been targeting by the largest DDoS attack in the history of Runet, the Russian Internet designed to be independent of the world wide web and ensure the resilience of the country to an […]
A high severity vulnerability, tracked as CVE-2021-3437, in HP OMEN laptop and desktop gaming computers exposes millions of systems to DoS and privilege escalation attacks. Millions of HP OMEN laptop and desktop gaming computers are exposed to multiple attacks by a high severity vulnerability tracked as CVE-2021-3437 that was discovered by SentinelLabs researchers. “Potential security vulnerabilities […]
Google Chrome 93.0.4577.82 for Windows, Mac, and Linux that addressed eleven security issues, including two zero-days actively exploited. Google released Chrome 93.0.4577.82 for Windows, Mac, and Linux that fixed eleven security issues, including two zero-days vulnerabilities actively exploited in the wild. This is the tenth zero-day vulnerability in Chrome fixed by Google that was exploited […]
Experts found a critical flaw, tracked as CVE-2021-23406, in the popular NPM package ‘Pac-Resolver‘ that has millions of downloads every week. The development team behind a popular NPM package called ‘Pac-Resolver‘ for the JavaScript programming language fixed a high-severity remote code execution vulnerability tracked as CVE-2021-23406. The vulnerability can be exploited by remote attackers to run […]
Apple released security patches to fix two zero-day vulnerabilities in iOS and macOS that are actively exploited in attacks in the wild. Apple rolled out security patches to fix a couple of zero-day flaws in iOS and macOS (CVE-2021-30860, CVE-2021-30858), the IT giant also warns its customers that these issues are actively exploited in attacks […]
Facebook announced it will allow WhatsApp users to encrypt their message history backups in the cloud. Facebook will continue to work to protect the privacy of WhatsApp users and announced that it will allow users to encrypt their message history backups in the cloud. While WhatsApp has already implemented end-to-end encrypion since 2016, the company […]
Spook.js is a new side-channel attack on modern processors that can allow bypassing Site Isolation protections implemented in Google Chrome. Boffins devised a transient side-channel attack on modern processors, “Spook.js,” that can be abused by threat actors to bypass Site Isolation protections implemented in Google Chrome and Chromium browsers. The technique allows in some cases to steal sensitive […]
Technology giant Olympus announced it was the victim of a ransomware attack and is currently investigating the extent of the incident. Olympus issued a statement to announce that its European, Middle East and Africa computer network was hit by a ransomware attack. “Upon detection of suspicious activity, we immediately mobilized a specialized response team including […]
A new banking trojan dubbed maxtrilha (due to its encryption key) has been discovered in the last few days and targeting customers of European and South American banks. The new maxtrilha trojan is being disseminated and targeting several banks around the world. Criminals are constantly creating variants of popular banking trojans, keeping in mind the same modus operandi but […]