Bug hunters have earned a total of $195,000 for finding flaws in TVs, routers and smartphones on the first day of the Pwn2Own Tokyo 2019 contest. Pwn2Own is the annual hacking contest event organized by Trend Micro’s Zero Day Initiative (ZDI). Pwn2Own Tokyo 2019 contest offers over $750,000 in rewards for working exploits targeting one […]
Google experts found a flaw, tracked as CVE-2019-18408, in the compression library libarchive could lead to arbitrary code execution. Google experts found a vulnerability, tracked as CVE-2019-18408, in the compression library libarchive could be exploited to execute arbitrary code. The libarchive library is a multi-format archive and compression library that implements a single interface for reading/writing various compression formats. Several […]
The #FifthOfNovember has arrived, the Italian branch of Anonymous and LulzSecITA hacked websites of professional orders, prefecture of Naples, and also the telephone operator Lyca Mobile. The Million Mask March, also known as “Operation Vendetta” is a worldwide, annual protest associated with the hacktivist group Anonymous occurring annually on Guy Fawkes Day, the 5th of November. […]
Kaspersky discovered a previously unknown APT group, tracked as DarkUniverse, by analyzing Shadow Brokers’ “Lost in Translation” data dump. In 2017, a hacker group known as the Shadow Brokers stolen malware and hacking tools from the arsenal of the NSA-Linked Equation Group, then it published online the data dump called “Lost in Translation.” The dump […]
Experts demonstrated that is possible to hack smart voice assistants like Siri and Alexa using a lasers beam to send them inaudible commands. Researchers with the University of Michigan and the University of Electro-Communications (Tokyo) have devised a new technique, dubbed “light commands,” to remotely hack Alexa and Siri smart speakers using a laser light […]
Researchers found serious flaws in Investintech’s Able2Extract Professional tool that could be exploited to execute arbitrary code using specially crafted image files. The Able2Extract Professional has over 250,000 licensed users across 135 countries, it allows them to view, convert and edit PDF files. Cisco Talos experts discovered two high-severity memory corruption vulnerabilities that can be […]
NTT DATA-owned firm Everis is one of Spain’s largest managed service providers (MSP), it has suffered a ransomware attack, and it was not the only case. Systems at Spain’s largest managed service providers (MSP) Everis have been infected by a ransomware, and it was not alone because the also Spain’s largest radio station Cadena SER […]
The popular code hosting platform GitLab is considering to block new hires from China and Russia due to espionage concerns. GitLab is a popular code hosting platform GitLab that is currently used by several major tech companies including IBM, Sony, NASA, Alibaba, Oracle, Invincea, Boeing, and SpaceX. The news was confirmed by Eric Johnson, VP […]
Business email compromise scam (BEC) continues to target organizations worldwide, crooks stole $742,000 from Ocala City in Florida. The City of Ocala in Florida is the last victim in order of time of a profitable business email compromise scam (BEC) attack, fraudsters redirected over $742,000 to a bank account under their control. Attackers’ emails posed […]
The popular rConfig network configuration management utility is affected by two critical remote code execution flaws that have yet to be patched. rConfig is a completely open-source, network configuration management utility used to validate and manage network devices, including switches, routers, firewalls, and load-balancer. The cyber security expert Mohammad Askar has discovered two critical remote code […]