This week Apple released security patches to address the CVE-2020-9859 zero-day vulnerability that had been used to jailbreak iPhones devices. Apple released security patches to address the CVE-2020-9859 zero-day vulnerability in the iOS kernel that had been used to jailbreak iPhones. The flaw was discovered by a team of cyber-security researchers and hackers that also […]
Researchers disclosed a flaw in VMware Cloud Director platform, tracked as CVE-2020-3956, that could be abused to takeover corporate servers. Security researchers from hacking firm Citadelo disclosed details for a new critical vulnerability in VMware’s Cloud Director platform, tracked as CVE-2020-3956, that could be abused to takeover corporate servers. VMware Cloud Director is a cloud service-delivery platform […]
The REvil/Sodinokibi ransomware operators have leaked the files allegedly stolen from the UK power grid middleman Elexon. In May Elexon, a middleman in the UK power grid network, was the victim of a cyber attack, its systems have been infected with the Sodinokibi ransomware. The incident impacted only affected the internal IT network, including the […]
The expert Bhavuk Jain received an award of $100,000 for reporting a severe security issue in âSign in with Appleâ authentication bypass bug that could allow the takeover of third-party user accounts. The bug hunter Bhavuk Jain received an award of $100,000 by Apple, as part of its bug bounty program, for reporting a severe […]
VMware has released an update to address a privilege escalation flaw in VMware for the macOS version of Fusion that was introduced by a previous patch. In March, VMware patched a high-severity privilege escalation vulnerability (CVE-2020-3950) in Fusion, Remote Console (VMRC) and Horizon Client for Mac. The CVE-2020-3950 is a privilege escalation vulnerability caused by the […]
Maintainers at the Joomla open-source content management system (CMS) announced a security breach that took place last week. Last week a member of the Joomla Resources Directory (JRD) team left an unencrypted full backup of the JRD site (resources.joomla.org) on an unsecured Amazon Web Services S3 bucket operated by the company. The company did not […]
Earlier this year a hacker breached Daniel’s Hosting, the largest free web hosting provider for dark web hidden services and now leaked its DB. A threat actor has leaked the database of Daniel’s Hosting (DH), the largest free web hosting provider for dark web hidden services. The hacker has stolen the data in March when […]
The hacktivist collective group Anonymous demands justice for George Floyd and threatens to âexpose the many crimesâ of Minneapolis Police. Anonymous demands justice for George Floyd and threatens to âexpose the many crimesâ of Minneapolis Police. George Floyd was killed by a white police officer by kneeling on his neck for more than eight minutes. […]
EU Agency for Cybersecurity ENISA has published a new report of the proactive detection of incidents, including measures and information sources. The EU Agency for Cybersecurity ENISA has published a new report and accompanying repository on measures and information sources that could help security experts and operators of IT and critical infrastructure to proactively detect […]
This post includes the details of the Coronavirus-themed attacks launched from May 24 to May 30, 2020. Threat actors exploit the interest in the Coronavirus outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases. Below a list of attacks detected this week. May 26 – Hangzhou could permanently adopt COVID-19 […]