The French government announced a “Paris Call” for global talks about cyberspace security aimed at laying out a shared framework of rules. The French government is promoting a series of Global Talks on cyberspace security, it urges for a “code of good conduct” for states in the cyberspace. Events such as the interference in the 2016 Presidential election or […]
A critical security vulnerability affects a GDPR compliance plugin for WordPress has been already exploited in the wild to take control of vulnerable websites. Users warn of cyber attacks exploiting a critical security vulnerability in the WordPress GDPR Compliance plugin for WordPress to take over of websites using it. The WordPress GDPR Compliance plugin was used by more than […]
Crooks are exploiting the popularity of Elon Musk and a series of hacked verified Twitter accounts to implement a new fraud scheme. Crooks are exploiting the popularity of Elon Musk and a series of hacked verified Twitter accounts (i.e. UK retailer Matalan, US publisher Pantheon Books, and official government Twitter accounts such as the Ministry of Transportation of Colombia and the National […]
Experts at Volexity discovered that a recently patched remote code execution flaw (CVE-2018-15961) affecting the Adobe ColdFusion has been exploited in the wild. Security experts from Volexity reported that attackers in the wild are exploiting a recently patched remote code execution vulnerability affecting the Adobe ColdFusion. The flaw, tracked as CVE-2018-15961, is an unrestricted file upload vulnerability, successful exploitation could lead to […]
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! Apple T2 security chip in new MacBooks disconnects Microphone […]
Researchers from Trend Micro spotted a new cryptocurrency miner that leverages a rootkit component to hide its presence on the infected systems. Cryptocurrency malware continues to be a privileged choice for crooks and the number of victims is rapidly growing. Cryptocurrency miners are easy to detect due to the saturation of resources on the affected […]
North Korea-linked Lazarus Group has been using FastCash Trojan to compromise AIX servers to empty tens of millions of dollars from ATMs. Security experts from Symantec have discovered a malware, tracked as FastCash Trojan, that was used by the Lazarus APT Group, in a string of attacks against ATMs. The ATP group has been using this malware […]
Most people prefer using proxies over VPN services because they are easy to use and mostly available for free, but can it be relied on for anonymity? Now and then, we get to hear news about data breaches and cyber attacks. As such, it does not come as a surprise that people are becoming more […]
Nginx developers released security updates to address several denial-of-service (DoS) vulnerabilities affecting the nginx web server. nginx is an HTTP and reverse proxy server, a mail proxy server, and a generic TCP/UDP proxy server, it is used by 25.28% busiest sites in October 2018. Nginx development team released versions 1.15.6 and 1.14.1 to address two HTTP/2 implementation vulnerabilities that can […]
VMware released security patches for a critical virtual machine (VM) escape vulnerability that was recently discovered at a Chinese hacking contest. VMware has released security patches for a critical virtual machine (VM) escape vulnerability (CVE-2018-6981 and CVE-2018-6982) that was recently discovered by the researcher Zhangyanyu at the Chinese GeekPwn2018 hacking contest. The cause for the […]