The gang behind BitPaymer and ransomware attacks has been found exploiting Windows zero-day for Apple iTunes and iCloud. The cybercriminals behind BitPaymer and iEncrypt ransomware attacks have been found exploiting a Windows zero-day vulnerability for Apple iTunes and iCloud in attacks in the wild. The zero-day vulnerability resides in the Bonjour updater that comes packaged with […]
New espionage malware found targeting Russian-speaking users in Eastern Europe ESET found an advanced malware piece of malware named Attor, targeting diplomats and high-profile Russian-speaking users in Eastern Europe. ESET researchers discovered an advanced malware piece of malware named Attor, that was used in cyberespionage operations on diplomats and high-profile Russian-speaking users in Eastern Europe. […]
SAP addressed two critical vulnerabilities (Hot News) as part of the October 2019 Security Patch Day. SAP has released its October 2019 Security Patch Day updates that also address two critical vulnerabilities (Hot News) with CVSS scores of 9.3 and 9.1. The October 2019 Security Patch Day also includes a High Priority Note addressing Binary Planting […]
Maintainers at the Tor Project have removed from its network more than 800 relay servers running outdated and EOL versions of the Tor software. Currently, the Tor network is composed of more than 6000 relays, some of them running outdated Tor software versions (in some cases back to the 0.2.4.x versions). Other relays are running […]
NSO Group ‘s surveillance spyware made the headlines again, this time the malware was used to spy on 2 rights activists in Morocco according Amnesty International. Amnesty International collected evidence of new abuses of the NSO Group ‘s surveillance spyware, this time the malware was used to spy two rights activists in Morocco. Experts at […]
Security experts discovered a critical remote code execution vulnerability, tracked as CVE-2019-9535, in the GPL-licensed iTerm2Â macOS terminal emulator app. Security experts at cybersecurity firm Radically Open Security (ROS) discovered a 7-year old critical remote code execution vulnerability in the GPL-licensed iTerm2 macOS terminal emulator app. The iTerm2Â macOS terminal emulator app is one of the most […]
NSA is warning of multiple state-sponsored cyberespionage groups exploiting enterprise VPN Flaws Last week, the UKâs National Cyber Security Centre (NCSC) reported that advanced persistent threat (APT) groups have been exploiting recently disclosed VPN vulnerabilities in enterprise VPN products in attacks in the wild. Threat actors leverage VPN vulnerabilities in Fortinet, Palo Alto Networks and Pulse Secure, to […]
vBulletin has recently published a new security patch update that addresses three high-severity vulnerabilities in the popular forum software. vBulletin has recently published a new security patch update that addresses three high-severity flaws in vBulletin 5.5.4 and prior versions. The vulnerabilities could be exploited by remote attackers to take complete control over targeted web servers […]
Hackers have compromised the infrastructure of Volusion and are distributing malicious software skimmers to steal payment card data provided by users. Volusion is a privately-held technology company that provides ecommerce software and marketing and web design services for small and medium sized businesses. The company has over 250 employees and has served more than 180,000 customers since its founding in 1999. […]
Twitter admitted having “inadvertently” used phone numbers and email addresses, collected for security purposes, for advertising. Twitter apologized to have used phone numbers and email addresses, privided by the users for security purposes, for advertising. According to the social media company, data used for account authentication were also matched with advertisers’ database to improve the […]