IBM recently fixed a high-severity issue in its Maximo asset management solution that could facilitate attacks on corporate networks. IBM recently addressed a high-severity issue, tracked as CVE-2020-4529, in its Maximo asset management solution that could facilitate attacks on making lateral movements within corporate networks. Maximo is designed to assist an organisation in managing its assets […]
New AcidBox Malware employed in targeted attacks leverages an exploit previously associated with the Russian-linked Turla APT group. Palo Alto Networks researchers analyzed a new malware, dubbed AcidBox, that was employed in targeted attacks and that leverages an exploit previously associated with the Russian-linked Turla APT group. The Turla APT group (aka Snake, Uroburos, Waterbug, Venomous Bear and KRYPTON) has been active since at […]
A flaw in Cisco Webex Meetings client for Windows could allow local authenticated attackers to gain access to sensitive information. A vulnerability in Cisco Webex Meetings client for Windows, tracked as CVE-2020-3347, could be exploited by local authenticated attackers to gain access to sensitive information. “A vulnerability in Cisco Webex Meetings Desktop App for Windows could […]
In April the information technologies services giant Cognizant Technology suffered a ransomware attack, now it has confirmed also a data breach. In April the information technologies services giant Cognizant Technology was hit by Maze Ransomware operators. Cognizant is an American multinational corporation that provides IT services, it is one of the largest IT managed services company in the […]
Researchers uncovered a recent campaign carried out by the InvisiMole group that has been targeting a small number of high-profile organizations. Security researchers at ESET recently uncovered a campaign carried out by the InvisiMole group that has been targeting a small number of high-profile organizations in the military sector and diplomatic missions in Eastern Europe. […]
79 Netgear router models are vulnerable to a severe unpatched security vulnerability that can be exploited by remote attackers to take over devices. Security experts Adam Nichols from GRIMM and d4rkn3ss from the Vietnamese internet service provider VNPT have independently reported a severe unpatched security vulnerability that affects 79 Netgear router models. The flaw could […]
Drupal released security updates to patch several security issues, including a flaw that could allow an attacker to execute arbitrary PHP code. Drupal released security updates to address multiple security vulnerabilities, including a “critical” flaw tracked as CVE-2020-13664 that could be exploited by an attacker to execute arbitrary PHP code. The CVE-2020-13664 flaw affects both […]
Researchers uncovered an ongoing campaign delivering the Qbot malware to steal credentials from customers of dozens of US financial institutions. Security researchers at F5 Labs have spotted ongoing attacks using Qbot malware payloads to steal credentials from customers of dozens of US financial institutions. Qbot, aka Qakbot, is a data stealer worm with backdoor capabilities that […]
AWS announced it has mitigated a 2.3 Tbps DDoS attack, the largest ever, which surpassed the previous record of 1.7 Tbps that took place in March 2018. Amazon announced it has mitigated the largest ever DDoS attack of 2.3 Tbps, the news is surprising if we consider that the previous record was of 1.7 Tbps […]
Experts uncovered a new cyber-espionage campaign, dubbed “Operation In(ter)reception,” aimed at aerospace and military organizations in Europe and the Middle East. Security experts from ESET uncovered a new sophisticated cyber-espionage campaign, dubbed “Operation In(ter)reception,” aimed at aerospace and military organizations in Europe and the Middle East. The attackers were attempting to spy on key employees […]