Experts uncovered a new cyber-espionage campaign, dubbed “Operation In(ter)reception,” aimed at aerospace and military organizations in Europe and the Middle East. Security experts from ESET uncovered a new sophisticated cyber-espionage campaign, dubbed “Operation In(ter)reception,” aimed at aerospace and military organizations in Europe and the Middle East. The attackers were attempting to spy on key employees […]
Adobe addressed 18 critical code execution flaws in After Effects, Illustrator, Premiere Pro, Premiere Rush, and Audition products. Adobe addressed 18 critical code execution vulnerabilities in its After Effects, Illustrator, Premiere Pro, Premiere Rush, and Audition products. The IT giant patched five critical out-of-bounds write (CVE-2020-9660, CVE-2020-9662), out-of-bounds read (CVE-2020-9661) and heap overflow (CVE-2020-9637, CVE-2020-9638) vulnerabilities […]
A CIA elite hacking unit that developed cyber-weapons failed in protecting its operations, states an internal report on the Vault 7 data leak. According to an internal report drown up after the 2016 data breach that led to the ‘Vault 7‘ data leak, a specialized CIA unit involved in the development of hacking tools and […]
A database allegedly belonging to Ariix Italia was exposed online on an unsecured Amazon S3 bucket, it includes 30,000+ Italian sales agentsâ personal data. Researchers at cybernews.com recently uncovered an unsecured Amazon Simple Storage Service (S3) bucket that contains more than 36,000 documents, including scans of passports, credit cards, and health insurance cards. The database also contains sales […]
Serious security vulnerabilities in the Treck TCP/IP stack dubbed Ripple20 expose millions of IoT devices worldwide to cyber attacks, researchers warn. Hundreds of millions of devices worldwide could be vulnerable to remote attacks due to security vulnerabilities in the Treck TCP/IP stack dubbed Ripple20. Treck TCP/IP is a high-performance TCP/IP protocol suite designed for embedded […]
Oracle addressed two flaws in E-Business Suite solution that can be exploited by attackers to tamper with an organizationâs financial records. Oracle addressed two security flaws in its E-Business Suite (EBS) business management solution that could allow attackers to carry out a broad range of malicious activities, including to tamper with an organizationâs financial records. […]
Wireless carrier T-Mobile suffered a major outage in the United States, that impacted service at other carriers, due to a âmassiveâ DDoS attack. Wireless carrier T-Mobile suffered a massive DDoS attack that caused a major outage in the United States that impacted service at other carriers due to a âmassiveâ DDoS attack. The attack started […]
Norway’s health authorities announced the suspension of the design of a COVID-19 contact tracing app due to privacy concerns. In April, Norway launched its contact tracing app dubbed Smittestopp (“Infection stop”) to trace the diffusion of the COVID-19 in the country. A contact tracing app is a tool that could be used to contain new […]
Security vulnerabilities in modern communication protocol GTP used by mobile network operators can be exploited by attackers to target 4G/5G users. Researchers at cybersecurity firm Positive Technologies Security have discovered several vulnerabilities in communication protocol GPRS Tunnelling Protocol (GTP), that is used by mobile network operators (MNOs). Threat actors could exploit these flaws to conduct several […]
Black Kingdom ransomware operators are targeting organizations using unpatched Pulse Secure VPN software to deploy their malware. Researchers from security firm REDTEAM reported that operators behind the Black Kingdom ransomware are targeting enterprises exploiting the CVE-2019-11510 flaw in Pulse Secure VPN software to gain access to the network. Black Kingdom ransomware was first spotted in […]