An unsecured Amazon S3 bucket, managed by a Walmart jewelry partner MBM Company Inc, left personal and contact information of 1.3 million customers exposed to the public internet. A new case of an Amazon S3 bucket left open online, this time personal data belonging to 1.3 million customers of Walmart jewelry partner MBM Company have been […]
While US-CERT warns of cyber attacks against critical infrastructure in the energy sectors, Russia-linked Sofacy APT is targeting a government agency in Europe. Last week the US Government announced sanctions against five Russian entities and 19 individuals, including the FSB, the military intelligence agency GRU. Despite the sanctions, Russian hackers continue to target entities worldwide, including US organizations. […]
VMware has addressed a denial-of-service (DoS) vulnerability, tracked as CVE-2018-6957, in its Workstation 12.x and 14.x and Fusion 10.1.1. and 10.x on OS X products. The affected VMware solutions can be attacked by opening a large number of VNC sessions. The DoS vulnerability was discovered by Lilith Wyatt of Cisco Talos, the flaw could be exploited on Workstation […]
At Pwn2Own 2018 the hackers received a total of $267,000, it was far less than in the past editions, but the quality of research was amazing. The popular hacking competition Pwn2Own is concluded, let’s see how much hackers earned and which applications they have successfully pwned. White hat hackers have earned a total of $267,000 at […]
The popular Hacker Adrian Lamo died at 37 age, the coroner confirmed his death, but the circumstances of his passing are still unknown. The popular hacker Adrian Lamo has died at 37, he is known for hacking a number of companies, including The New York Times in 2002., and turning the whistleblower Chelsea Manning into the FBI. […]
Following recent string of attacks that exploit flawed plugins, researchers at SafeBreach examined 6 popular extensible text editors for unix systems. Most of the modern text editors allow users to extend their functionalities by using third-party plugins, in this way they are enlarging their attack surface. Third-party plugins could be affected by vulnerabilities that could […]
According to Check Point report, the authors of the prolific GandCrab ransomware are continuously improving their malware by adopting the AGILE development process. Early February experts at cyber security firm LMNTRIX have discovered a new ransomware-as-a-service dubbed GandCrab. advertised in Russian hacking community on the dark web. The GandCrab was advertised in Russian hacking communities, researchers noticed that […]
News of the day is that the Mossack Fonseca law firm would shut down operations due to the reputational damage caused by the Panama Papers security breach. The Panama Papers is a huge trove of strictly confidential documents from the Panamanian law firm Mossack Fonseca that was leaked online on April 3, 2016. The Panama Leaks were acquired […]
Security experts at ERPScan explained that chaining 2 flaws recently patched it is possible to hack SAP CRM systems and access sensitive data. Security experts at ERPScan discovered that chaining the exploits for two security vulnerabilities in SAP NetWeaver Application Server Java patched last month, an attacker can hack customer relationship management (CRM) systems. CRMs are […]
RottenSys – A Chinese crime ring is building a huge botnet that is already composed of nearly 5 million Android device. Researchers at Check Point discovered attackers infecting the device with a strain of malware dubbed RottenSys that aggressively display ads on victims’ devices. “The Check Point Mobile Security Team has discovered a new widespread malware family […]