New revelations on the Wawa card data breach suggests that the incident might have exposed 30 million customers’ data that are now available online for sale. In December 2019, Wawa convenience store chain disclosed a payment card breach, its security team discovered a PoS malware on its payment processing systems. Wawa operates more than 860 convenience retail stores, this […]
Security researchers have spotted a vulnerability, tracked as CVE-2020-7247, that affects a core email-related library used by many BSD and Linux distributions. Security experts from Qualys have discovered a flaw, tracked as CVE-2020-7247, in OpenSMTPD. OpenSMTPD is an open-source implementation of the server-side SMTP protocol as defined by RFC 5321, it includes also some additional […]
Researchers investigate a new perceptual challenge that causes the ADAS systems and autopilots of semi/fully autonomous to consider depthless objects (phantoms) as real. Abstract The absence of deployed vehicular communication systems, which prevents the advanced driving assistance systems (ADASs) and autopilots of semi/fully autonomous cars to validate their virtual perception regarding the physical environment surrounding […]
Magento has released version 2.3.4 to address multiple vulnerabilities, some of them are critical code execution issues. Magento version 2.3.4 has addressed several vulnerabilities in its e-commerce platform, come of them are critical code execution issues. The vulnerabilities affect Magento Commerce (2.3.3/2.2.10 and below), Open Source (2.3.3/2.2.10 and below), Enterprise Edition (1.14.4.3 and earlier), and […]
A vulnerability in the Zoom online meeting system could be exploited to join meetings and view all content shared by participants. The popular video conferencing Zoom is affected by a vulnerability that could be exploited to join meetings and view all content shared by participants. The issue allowed anyone to remotely eavesdrop on unprotected active […]
The recently discovered Snake Ransomware has been targeting processes and files associated with industrial control systems (ICS). Security experts from SentinelOne reported that the recently discovered Snake Ransomware has been targeting processes and files associated with industrial control systems (ICS). The Snake ransomware is written in the Golang programming language and has been used in […]
Marco Ramilli published the Cyber Threat Trends Dashboard, a useful tool that will allow us to better understand most active threats in real time. Introduction Information sharing is one of the most important activity that cybersecurity researchers do on daily basis. Thanks to âinfosharingâ activities it is possible to block or, in specific cases, to […]
The vendor Fortinet has finally released security patches to remove the hardcoded SSH keys in Fortinet SIEM appliances. Fortinet has finally released security updates to remove the hardcoded SSH keys in Fortinet SIEM appliances. Recently Andrew Klaus, a security specialist from Cybera, discovered a hardcoded SSH public key in Fortinetâs Security Information and Event Management FortiSIEM that […]
Citrix has released security patches for the recently disclosed CVE-2019-19781 flaw, but the number of attacks on vulnerable systems is increasing. Last week, Citrix addressed the actively exploited CVE-2019-19781 flaw in Citrix Application Delivery Controller (ADC), Citrix Gateway, and Citrix SD-WAN WANOP appliances. While security researchers were warning of ongoing scans for Citrix Application Delivery Controller (NetScaler […]
A German privacy watchdog is investigating into clothing retailer H&M because it was allegedly spying on its customer service representatives in Germany. Hamburgâs data protection commissioner has launched an investigation into Swedish clothing retailer H&M (Hennes & Mauritz) amid evidence that the company was spying on its customer service representatives in Germany. According to the […]