The Australian National University suffered a vast hack carried out by a “sophisticated operator” who gained access to 19 years of sensitive data. The Australian National University was the victim of a vast hack carried out by a “sophisticated operator” who gained access to 19 years of sensitive data. The top Australian university is known […]
A security expert has developed a Metasploit module to exploit the critical BlueKeep vulnerability and get remote code execution. The security researcher ZÇÉčosum0x0 has developed a module for the popular Metasploit penetration testing framework to exploit the critical BlueKeep flaw. The vulnerability, tracked as CVE-2019-0708, impacts the Windows Remote Desktop Services (RDS) and was addressed by Microsoft with May […]
A new piece of malware appeared in the threat landscape, dubbed BlackSquid it targets web servers with several exploits to deliver cryptocurrency miners. Security experts at Trend Micro have discovered a new Monero cryptomining miner, dubbed BlackSquid, that is targeting web servers, network drives, and removable drives. The new piece of malware leverages many exploits […]
A security expert disclosed technical details of a new unpatched vulnerability (CVE-2019-9510) that affects Microsoft Windows Remote Desktop Protocol (RDP). Security expert Joe Tammariello of Carnegie Mellon University Software Engineering Institute (SEI), discovered a new unpatched vulnerability in Microsoft Windows Remote Desktop Protocol (RDP). The flaw, tracked as CVE-2019-9510, could be exploited by client-side attackers to […]
A few hours ago, a new email hacking tool dubbed Jason and associated with the OilRig APT group was leaked through the same Telegram channel used to leak other tools. A new email hacking tool associated with the Iran-linked OilRig APT group was leaked through the same Telegram channel that in April leaked the source […]
Gamaredon continues to target Ukraine, Yoroi-Cybaze ZLab spotted a new suspicious activity potentially linked to the popular APT group Introduction The Gamaredon attacks against Ukraine donât seem to have stopped. After a month since our last report we spotted a new suspicious email potentially linked to the Gamaredon group. The group was first discovered by Symantec and TrendMicro in 2015 but […]
A security expert found a flaw could be exploited to bypass macOS security and privacy features by using synthetic clicks. The popular white hat hacker Patrick Wardle, co-founder and chief research officer at Digita Security, discovered a vulnerability that could be exploited to bypass security warnings by performing ‘Synthetic Clicks’ on behalf of users without […]
What can Apple ‘s fan do to work with his favorite company? A teen opted out to hack it twice. A 17-year-old teenager Australian teenager decided to attract the attention of the tech giant by gaining access to its mainframe with false credentials. The teen was dreaming of a job in Apple and was convicted […]
Unpatched vulnerabilities affect the rkt container runtime that could be exploited by an attacker to escape the container and gain root access to the host. The security researchers Yuval Avrahami discovered some vulnerabilities in the rkt containter that could be exploited by an attacker to compromise the underlying host when a user executes the ârkt […]
Supra Smart Cloud TV allows remote file inclusion in the openLiveURL function, which allows a local attacker to broadcast fake video without any authentication Summary:Supra Smart Cloud TV allows remote file inclusion in the openLiveURL function, which allows a local attacker to broadcast fake video without any authentication via a /remote/media_control?action=setUri&uri=URI Technical Observation: We are abusing […]