SafeBreach experts discovered that the HP Touchpoint Analytics service is affected by a potentially serious vulnerability. Security researchers at SafeBreach have discovered that the HP Touchpoint Analytics service is affected by a serious flaw tracked as CVE-2019-6333. The vulnerability received a CVSS score of 6.7 (medium severity). The TouchPoint Analytics is a service that allows the vendor to […]
Popular prostitution and escort forums in Italy and the Netherlands have been hacked and data have been offered for sale in the cybercrime underground. A Bulgarian hacker known as InstaKilla has breached two online escort forums and stole the user information that he is now offering for sale on a hacking forum. The two escort […]
A vulnerability in Sophos Cyberoam firewalls could be exploited by an attacker to gain access to a targetâs internal network without authentication. Sophos addressed a vulnerability in its Cyberoam firewalls that could be exploited by an attacker to gain access to a companyâs internal network without providing a password. “A critical shell injection vulnerability in Sophos […]
New espionage malware found targeting Russian-speaking users in Eastern Europe ESET found an advanced malware piece of malware named Attor, targeting diplomats and high-profile Russian-speaking users in Eastern Europe. ESET researchers discovered an advanced malware piece of malware named Attor, that was used in cyberespionage operations on diplomats and high-profile Russian-speaking users in Eastern Europe. […]
NSO Group ‘s surveillance spyware made the headlines again, this time the malware was used to spy on 2 rights activists in Morocco according Amnesty International. Amnesty International collected evidence of new abuses of the NSO Group ‘s surveillance spyware, this time the malware was used to spy two rights activists in Morocco. Experts at […]
Security experts discovered a critical remote code execution vulnerability, tracked as CVE-2019-9535, in the GPL-licensed iTerm2Â macOS terminal emulator app. Security experts at cybersecurity firm Radically Open Security (ROS) discovered a 7-year old critical remote code execution vulnerability in the GPL-licensed iTerm2 macOS terminal emulator app. The iTerm2Â macOS terminal emulator app is one of the most […]
NSA is warning of multiple state-sponsored cyberespionage groups exploiting enterprise VPN Flaws Last week, the UKâs National Cyber Security Centre (NCSC) reported that advanced persistent threat (APT) groups have been exploiting recently disclosed VPN vulnerabilities in enterprise VPN products in attacks in the wild. Threat actors leverage VPN vulnerabilities in Fortinet, Palo Alto Networks and Pulse Secure, to […]
vBulletin has recently published a new security patch update that addresses three high-severity vulnerabilities in the popular forum software. vBulletin has recently published a new security patch update that addresses three high-severity flaws in vBulletin 5.5.4 and prior versions. The vulnerabilities could be exploited by remote attackers to take complete control over targeted web servers […]
Hackers have compromised the infrastructure of Volusion and are distributing malicious software skimmers to steal payment card data provided by users. Volusion is a privately-held technology company that provides ecommerce software and marketing and web design services for small and medium sized businesses. The company has over 250 employees and has served more than 180,000 customers since its founding in 1999. […]
Security researchers discovered a code-execution vulnerability that affects versions through 9.0.4 of the Ghidra software reverse engineering (SRE) framework. GHIDRA is a multi-platform reverse engineering framework that runs on major OSs (Windows, macOS, and Linux). The framework was first mentioned in the CIA Vault 7 dump that was leaked in 2017. WikiLeaks obtained thousands of files allegedly originating from […]