Security experts have discovered a vulnerability in the Electron software framework that has been used for building a large number of popular desktop applications. Popular desktop applications, including Skype, Slack, GitHub Desktop, Twitch, WordPress.com, and others, are potentially affected. Electron is a node.js, V8, and Chromium open-source framework that allows developers to use web technologies such as […]
An Ubuntu user has spotted a Bytecoin cryptocurrency miner hidden in the source code of an Ubuntu Snap Pack in the Official Ubuntu Snap Store. An Ubuntu user that goes online with the GitHub moniker “Tarwirdur” has discovered a malware in the source code of an Ubuntu snap package hosted on the official Ubuntu Snap Store, a […]
The EE operator, the British largest cell network in the UK with some 30 million customers, has left a critical code system exposed online with a default password. EE, a British mobile network giant owned by BT Group has been accused of leaving a critical code repository on an open-source tool protected by a default username and […]
Security researchers from Kromtech Security discovered a MongoDB install belonging to the Russian-based video surveillance firm Did iVideon open online. The database included personal information for over 825,000 subscribers and partners. Leaked records include logins, email addresses, password hashes, server names, domain names, IP addresses, sub accounts, software settings, and payment settings information (we did not see any credit card […]
WannaCry ransomware outbreak anniversary – According to researchers from ESET, the popularity of EternalBlue increase significantly over the past months. Exactly one year ago, on May 12, the WannaCry ransomware infected hundreds of thousands of computers worldwide. The success of the malware was the use of the EternalBlue exploit that was stolen by Shadow Brokers […]
Google released an updated version of Chrome 66 that addresses a Critical security vulnerability that could be exploited by an attacker to take over a system. Google released an updated version of Chrome 66 (version 66.0.3359.170) for Windows, Mac, and Linux systems that addressed 4 security vulnerabilities. “This update includes 4 security fixes. Below, we highlight fixes that were contributed […]
Security experts devised a new attack technique dubbed Throwhammer that could be exploited by attackers to launch Rowhammer attack on a system in a LAN. A few days ago we discussed the GLitch attack that leverages graphics processing units (GPUs) to launch a remote Rowhammer attack against Android smartphones. Now security experts devised a new attack […]
Trello, when an error in the publishing strategy is able to put at risk the private data of a huge community of unaware users. A âSecurity enthusiasticâ found a vulnerability in the Trello web management and now with a simple dork is possible to query to mine passwords from dozens of public Trello boards. Our […]
On May 4th Tech giant Telstra discovered a vulnerability in its service that could potentially expose customers of its cloud who run self-managed resources. Telstra is a leading provider of mobile phones, mobile devices, home phones and broadband internet. On May 4th, the company has discovered a vulnerability in its service that could potentially expose […]
Security experts from the industrial cybersecurity firm Dragos warn of a threat actor tracked as Allanite has been targeting business and industrial control networks at electric utilities in the United States and the United Kingdom. Dragos experts linked the campaigns conducted by the Dragonfly APT group and Dymalloy APT, aka Energetic Bear and Crouching Yeti, to a threat actors they […]