A study conducted by researchers at Cyjax revealed that organizations expose sensitive data via sandboxes used for malware analysis. Experts at the threat intelligence firm Cyjax analyzed file uploaded by organizations via malware analysis sandboxes and discovered that they were exposing sensitive data. The researchers analyzed PDF documents and email files (.msg and .eml) uploaded […]
Phishing is one of the oldest methods of cyberattacks. It uses deceptive and manipulated emails as a tool for gathering personal and organizational data. The emails are designed in a way that it appears to be authentic or belonging from a real business or authoritative source. People fell prey for these manipulative emails and provide […]
Samsung announced that the Galaxy S10, the Galaxy S9, and Galaxy Note 9 have obtained the Security Technical Implementation Guide (STIG) approval Other Samsung devices are included in the list of smartphones that can be used by the US federal government of the, they are the Galaxy S10, the Galaxy S9, and Galaxy Note 9. The above devices have achieved the […]
At least 23 local governments were impacted by a wave of ransomware attacks that according to the experts are the result of a coordinated effort. Texas is the victim of an ongoing wave of ransomware attacks that are targeting local governments. At least 23 local government organizations were impacted by the ransomware attacks, the Department […]
A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. Once again thank you! 10-year-old vulnerability in Avaya VoIP Phones […]
Bluetana App allows detecting Bluetooth card skimmers installed at the gas pumps to steal customers’ credit and debit card information in just 3 seconds on average. Bluetooth card skimmers continue to be one of the favorite tools in the arsenal of crooks that attempt to steal credit and debit card information. In recent years, law […]
Intel released security updates to address high-severity vulnerabilities in NUC firmware, the Processor Identification Utility, and the Computing Improvement Program. Intel Patch Tuesday for August 2019 addressed high-severity vulnerabilities in NUC firmware, Processor Identification Utility, and Computing Improvement Program. One of the flaws addressed by Intel, tracked as CVE-2019-11140, is an insufficient session validation vulnerability that […]
Federal prosecutors revealed that Paige Thompson, who was arrested after the Capital One data breach, may have hacked more than 30 other organizations. In July, Capital One, one of the largest U.S. âcard issuer and financial corporation suffered a data breach that exposed personal information from 106 million Capital One credit applications. A hacker that goes […]
The DanaBot banking Trojan continues to evolve and spread across the continents, now moving from Australia to European countries. DanaBot is a multi-stage modular banking Trojan written in Delphi that first appeared on the threat landscape in 2018. The malware implements a modular structure that allows operators to add new functionalities by adding new plug-ins. The […]
Trend Micro addressed 2 DLL hijacking flaws in Trend Micro Password Manager that could allow malicious actors to escalate privileges and much more. Security expert Peleg Hadar from SafeBreach discovered a DLL hijacking vulnerability in the Trend Micro Password Manager that could be exploited to execute arbitrary code with the permissions of the most privileged […]