Researchers at Applied Risk discovered serious flaws in some PLC gateways manufactured by industrial tech company ABB. Security experts at Applied Risk are affected by potentially serious flaws and the bad news is that the vendor will not release firmware updates because the impacted products have reached the end of life. The security firm published a security advisory that […]
New Malware Takes Commands From Memes Posted On Twitter Security researchers at Trend Micro have spotted a new strain of malware that retrieved commands from memes posted on a Twitter account controlled by the attackers. In this way, attackers make it hard to detect traffic associated with the malware that is this case appears as legitimate […]
Twitter discovered a possible nation-state attack while it was investigating an information disclosure flaw affecting its platform. Experts at Twitter discovered a possible state-sponsored attack while they were investigating an information disclosure vulnerability affecting its support forms. The experts discovered that the attack was launched from IP addresses that may be linked to nation-state actors. The flaw affected […]
A Czech cyber-security agency is warning against using Huawei and ZTE technologies because they pose a threat to state security. The Chinese nightmare is rapidly spreading among European countries, now a Czech cyber-security agency is warning against using the equipment manufactured by Chinese firms Huawei and ZTE because they pose a threat to state security. […]
A second sample of the Shamoon wiper was uploaded to Virus total on December 13, from the Netherlands, experts analyzed it. Last week security experts at Chronicle announced the discovery of a new variant of the infamous Shamoon malware, the sample was uploaded to Virus Total from Italy at around the time Italian oil services company […]
Good news for the victims of the dreaded HiddenTear Ransomware, the popular cybersecurity expert Michael Gillespie has devised a tool dubbed HT Brute Forcer that could allow decrypting files for free. In 2015, the Turkish security researchers Utku Sen published the HiddenTear ransomware, the first open source ransomware, for educational purposes. The original code was decryptable, for this reason, […]
Siemens addressed several vulnerabilities in SINUMERIK controllers, including denial-of-service (DoS), privilege escalation and code execution issues. Siemens has fixed several flaws in SINUMERIK controllers, some of them have been classified as âcritical.â The list of vulnerabilities includes DoS, privilege escalation and code execution flaws. Security experts at Kaspersky Lab discovered that SINUMERIK 808D, 828D and 840D controllers are […]
U.S. Ballistic Missile Defense Systems Fail Cybersecurity Audit US DoD Inspector General’s report revealed United States’ ballistic missile defense systems (BMDS) fail to implements cyber security requirements. The U.S. Department of Defense Inspector General published a report this week that revealed that lack of adequate cybersecurity for the protection of the United States’ ballistic missile defense systems […]
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! STOLEN PENCIL campaign, hackers target academic institutions. WordPress […]
Researcher Terence Eden discovered that the permissions dialog when authorizing certain apps to Twitter could expose direct messages to the third-party. The flaw is triggered when apps that require a PIN to complete the authorization process instead of the using the OAuth protocol. The expert discovered that some permissions such as that to access direct messages, remained […]