This is a very bad news for Google that suffered a massive data breach that exposed the private data of over 500,000 of Google Plus users to third-party developers. As a consequence of the data exposure, the company is going to shut down the social media network Google+. The root cause of the data breach is a security […]
Security experts discovered several vulnerabilities in WECON’s PI Studio HMI software, the company has verified the issues but has not yet released patches. Researchers Mat Powell and Natnael Samson discovered several vulnerabilities in WECON’s PI Studio HMI software, a software widely used in critical manufacturing, energy, metallurgy, chemical, and water and wastewater sectors. Both experts […]
Experts from Tenable Research have devised a new attack technique to fully compromise MikroTik Routers. MikroTik routers continue to be under attack, and the situation is getting worse because of the availability of a new PoC code. The new attack technique discovered by experts at Tenable Research could be exploited by remote attackers to execute […]
Researchers from Kaspersky Lab collected evidence that demonstrates overlaps between the activity of Russian APT groups Turla and Sofacy. In March, during the Kaspersky Security Analyst Summit held in Cancun, Kurt Baumgartner, Kaspersky principal security researcher, revealed the activity associated with Sofacy APT group appears to overlap with campaigns conducted by other cyber espionage groups. Baumgartner […]
The Git Project released a new version of the Git client, Github Desktop, or Atom. that addressed a critical remote code execution vulnerability in the Git. The Git Project addressed a critical remote code execution vulnerability in the Git command line client, Git Desktop, and Atom. The flaw tracked as CVE-2018-17456 could be exploited by malicious repositories to remotely […]
Experts from Symantec collected evidence that APT28 group returns to covert intelligence gathering operations in Europe and South America. APT28 state-sponsored group (aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, and STRONTIUM) seems to have shifted the focus for its operations away from election interference to cyber espionage activities. The APT28 group has been active since at least 2007 and it has targeted governments, […]
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! · Estonia sues Gemalto for 152M euros over […]
D-Link addresses several remote code execution and XSS vulnerabilities affecting the Central WiFiManager access point management tool. D-Link issued security patches to address several remote code execution and cross-site scripting (XSS) vulnerabilities affecting the Central WiFiManager access point management tool. The vulnerabilities have been reported by researchers at SecureAuth/CoreSecurity D-Link Central WiFiManager software controller helps network […]
Experts at FortiGuard Labs team discovered three vulnerabilities in eight Sony Bravia smart TVs, one of them rated as critical. Patch management is a crucial aspect for IoT devices, smart objects are surrounding us and represent a privileged target for hackers. Experts at FortiGuard Labs team discovered three vulnerabilities (a stack buffer overflow, a directory traversal, […]
Users are reporting problems with the CCleaner software that appears to be partially broken after the installation of Windows 10 October 2018 Update Many Windows users are reporting problems after the installation of Windows 10 October 2018 Update, a few days ago a Reddit user discovered the Task Manager tool was showing inaccurate CPU usage after the upgrade. Other users […]