Researchers from the University of California, Riverside (UCR) have devised a new Spectre CPU side-channel attack called SpectreRSB. SpectreRSB leverage the speculative execution technique that is implemented by most modern CPUs to optimize performance. Differently, from other Spectre attacks, SpectreRSB recovers data from the speculative execution process by targeting the Return Stack Buffer (RSB). “rather than exploiting the […]
Sony fixed 2 remotely exploitable flaws in Sony IPELA E Series Network Camera products that could be exploited to execute commands or arbitrary code. Sony addressed two remotely exploitable flaws in Sony IPELA E Series Network Camera products that could be exploited to execute commands or arbitrary code on affected devices. The first vulnerability, tracked as CVE-2018-3937, is a […]
Security experts are warning of an intensification of attacks powered by two notorious IoT botnets, Mirai and Gafgyt. Security experts are warning of a new wave of attacks powered by two botnets, Mirai and Gafgyt. Since the code of the infamous Mirai botnet was leaked online many variants emerged in the threat landscape. Satori, Masuta, Wicked Mirai, JenX, […]
The source code of the Exobot Android banking trojan has been leaked online, researchers already verified its authenticity. The source code of the Exobot Android banking trojan has been leaked online and experts believe that we will soon assist at a new wave of attacks based on the malware. The Exobot Android banking trojan was first spotted at the end […]
Researchers at CSE Cybsec ZLab analyzed a malicious code involved in a long-term espionage campaign in Syria attributed to a APT-C-27 group. A few days ago, the security researcher Lukas Stefanko from ESET discovered an open repository containing some Android applications. The folder was found on a compromised website at the following URL: hxxp://chatsecurelite.uk[.]to […]
The U.S. government should opt to carry out hack backs as retaliation against the massive attacks against organizations in the US private sector. The U.S. government should opt to carry out hack backs as retaliation against the massive attacks against organizations in the US private sector, and when appropriate, the military’s hacking unit should hit […]
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! · CSE Malware ZLab – Operation Roman Holiday […]
According to media, Ecuador is going to hand over the WikiLeaks founder Julian Assange to the UK in “coming weeks or even days.” In 2012 a British judge ruled WikiLeaks founder Julian Assange should be extradited to Sweden to face allegations of sexual assault there, but Assange received political asylum from Ecuador and spent the […]
Proofpoint uncovered a massive malspam campaign leveraging emails delivering weaponized PDF documents containing malicious SettingContent-ms files. Security experts from Proofpoint have uncovered a massive malspam campaign, crooks sent hundreds of thousands of emails delivering weaponized PDF documents containing malicious SettingContent-ms files. Experts attributed the malspam campaign to the cybercriminal group tracked as TA505, the attackers […]
Microsoft has addressed a serious vulnerability in the Microsoft Translator Hub that could be exploited to delete any or all the projects hosted by the service. Microsoft has fixed a severe vulnerability in the Microsoft Translator Hub that could be exploited to delete any or all projects hosted by the service. The Microsoft Translator Hub “empowers businesses and communities […]