Danish security researcher Ollypwn has released DOS exploit PoC for critical vulnerabilities in the Windows RDP Gateway. The Danish security researcher Ollypwn has published a proof-of-concept (PoC) denial of service exploit for the CVE-2020-0609 and CVE-2020-0610 vulnerabilities in the Remote Desktop Gateway (RD Gateway) component on Windows Server (2012, 2012 R2, 2016, and 2019) devices. A Remote Desktop Gateway server is typically […]
A Russian national pleaded guilty this week to running a carding website called Cardplanet that helped people commit credit-card fraud. Last year, the Russian man Aleksei Burkov (29) was accused of running an online criminal marketplace, called Cardplanet, that helped crooks to organize more than $20 million in credit card fraud. In November, the suspect […]
Cisco addressed a critical issue in the Cisco Firepower Management Center (FMC) that could allow a remote attacker to bypass authentication and execute arbitrary actions. Cisco fixed a critical vulnerability in the Cisco Firepower Management Center that could allow a remote attacker to gain administrative access to the web-based management interface of the vulnerable devices […]
Experts found online an unsecured database owned by THSuite and used by point-of-sale systems in medical and recreational marijuana dispensaries. Data leak continues to be a frequent issue suffered by companies, news of the day is the discovery of an unsecured database owned by THSuite and used by point-of-sale systems in medical and recreational marijuana dispensaries […]
Hackers used a remote access Trojan (RAT) associated with Iran-linked APT groups in recent attacks on a key organization in the European energy sector. Security experts from Recorded Future reported that a backdoor previously used in attacks carried out by an Iran-linked threat actor was used to target a key organization in the European energy […]
An expert discovered that over 250 million Microsoft customer support records might have been exposed along with some personally identifiable information. The popular researcher Bob Diachenko found an unprotected database containing over 250 million customer support records along with some personally identifiable information. The unprotected archive was containing support requests submitted to the tech giant […]
System supporting libraries in Volusia County were hit by a cyber attack, the incident took down 600 computers at Volusia County Public Library (VCPL) branches. 600 staff and public access computers were taken down at Volusia County Public Library (VCPL) branches in Daytona Beach, Florida, following a cyberattack. The attack started around 7 AM on […]
The phone of the Amazon billionaire Jeff Bezos was hacked in 2018 after receiving a WhatsApp message from the personal account of the crown prince of Saudi Arabia. In April 2019, Gavin de Becker, the investigator hired by Amazon chief Jeff Bezos to investigate into the release of his intimate images revealed that Saudi Arabian authorities […]
US military claims to have disrupted the online propaganda activity of the Islamic State (ISIS) in a hacking operation dating back at least to 2016. In 2016, the US Cyber Command carried out successful operations against the online propaganda of the Islamic State (ISIS), this is what emerged from declassified national security top-secret documents released […]
Yomi implements detection for CurveBall exploits and also supports CVE-2020-0601 exploit detection even for signed Powershell modules. The recent CurveBall vulnerability shook the Info-Sec community worldwide: a major vulnerability reported directly by the US National Security Agency. Such uncommon vulnerability reporter alerted the whole Industry, CVE-2020-0601 quickly conquered most of the headlines. The reason for this unusual outreach […]