Threat actors in the wild are mass-scanning websites for directories containing SSH private keys to hack them. The SSH allows a secure way to connect to servers hosting the websites, it allows administrators to get a terminal on them and enter commands. The SSH authentication could rely on login credentials (username and password), or on a […]
Microsoftâs Offensive Security Research (OSR) team disclosed a remote code execution vulnerability in the Chrome web browser. Microsoftâs Offensive Security Research (OSR) team has disclosed a remote code execution vulnerability in the Chrome web browser that was discovered by its experts. The flaw, tracked as CVE-2017-5121, was addressed by Google last month with the release of Chrome 61, but […]
Security researchers at Proofpoint spotted a cyber espionage campaign conducted by a group previously linked to China. The hackers have been using a recently patched .NET vulnerability, tracked as CVE-2017-8759, in attacks aimed at organizations in the United States. “Proofpoint researchers are tracking an espionage actor targeting organizations and high-value targets in defense and government. […]
Oracle released the October 2017 Critical Patch Update (CPU) that addresses a total of 252 security vulnerabilities that affect multiple products. Most of the vulnerabilities fixed by Oracle could be remotely exploitable without authentication. This is the last Oracle Critical Patch Update of 2017, this year the tech giant already resolved 1119 vulnerabilities, or 22% […]
Google continues working to improve the security of its users, the last measure introduced by the company it the ‘Advanced Protection’ feature. The Advanced Protection feature was designed to improve the security of users, who are at high risk of targeted attacks. “We took this unusual step because there is an overlooked minority of our users that […]
South Africa – About 30-million identity numbers and other personal and financial information leaked online, it is the largest data leak in the country. About 30-million identity numbers and other personal and financial information had been hacked and leaked online, it could be the biggest data breach suffered by the South Africa. The data breach was discovered […]
The Necurs botnet is spreading a new downloader that takes screenshots of the victimsâ desktops and Runtime Errors back to the operators. The Necurs botnet is back once again, the dreaded botnet was spreading a downloader that takes screenshots of the victimsâ desktops and Runtime Errors back to the attackers. “Recently we have seen a resurgence of […]
Researchers at BAE Systems investigated the recent cyber-heist that targeted a bank in Taiwan and linked the action to the notorious Lazarus APT group. The activity of the Lazarus APT Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks and experts that investigated on the crew consider it highly sophisticated. […]
Hacking ATM could be very easy thanks to the availability of the CUTLET MAKER ATM malware on an underground hacking forum. Wannabe crooks can buy an ATM malware on a Darknet market for around $5000, the discovery was made by researchers at Kaspersky Lab that noticed a forum post advertising the malicious code dubbed Cutlet Maker. […]
ROCA vulnerability (CVE-2017-15361) allows attackers to recover users Private RSA Keys, billion devices potentially impacted. While security experts are discussing the dreaded KRACK attack against WiFi networks IT giants, including Fujitsu, Google, HP, Lenovo, and Microsoft are warning their customers of a severe flaw in widely used RSA cryptographic library produced by German semiconductor manufacturer Infineon Technologies. The vulnerability, tracked […]