Security experts have found several vulnerabilities affecting Dell EMC Avamar and Integrated Data Protection Appliance products. They also warn that VMware’s vSphere Data Protection, which is based on Avamar, is also affected by the issues. Dell EMC released security updates for Dell EMC Avamar Client Manager in Dell EMC Avamar Server and Dell EMC Integrated Data […]
Sofacy APT group (aka APT28, Pawn Storm, Fancy Bear, Sednit, Tsar Team, and Strontium) has a new weapon in its arsenal dubbed Cannon. The Russia-linked APT group delivers Cannon in a spear-phishing attack that targets government organizations in North America, Europe and in a former USSR state. Experts at Palo Alto Networks spotted a new campaign in late October and early November, spear-phishing messages used Word […]
Hackers targeted Drupal web servers chaining some known vulnerabilities, including Drupalgeddon2 and DirtyCOW issues. Security experts at Imperva reported an attack against Drupal Web servers running on Linux-based systems. Hackers exploited the Drupalgeddon2 flaw (CVE-2018-7600) along with other issues. The Drupalgeddon2 could be exploited to take over a website, it affects Drupal versions 6, 7 and 8. The other flaw […]
Two men from Tamworth, Staffordshire were sentenced to prison for their roles in the 2015 TalkTalk hack. Two men, Connor Allsopp, 21, and Matthew Hanley, 23, pleaded guilty to charges of hacking. Allsopp has been sentenced to 8 months in jail and Hanley to 12 months. In October 2015, TalkTalk Telecom Group plc publicly disclosed that four […]
Security researchers at F-Secure have recently uncovered a small spam campaign aimed at delivering spyware to Mac users that use Exodus wallet. Security experts at F-Secure have recently spotted a small spam campaign aimed at Mac users that use Exodus cryptocurrency wallet. The campaign leverages Exodus-themed phishing messages using an attachment named “Exodus-MacOS-1.64.1-update.zip.” The messages were […]
TP-Link has addressed several vulnerabilities, including a remote code execution flaw, in its TL-R600VPN small and home office (SOHO) router. TP-Link as fixed four security vulnerabilities in the TL-R600VPN small and home office (SOHO) router that were reported by experts at Cisco Talos. The vulnerabilities are two remote code execution (RCE) flaws(CVE-2018-3950, CVE-2018-3951), a denial-of-service issue (CVE-2018-3948), and a server information disclosure bug (CVE-2018-394). The DOS and server information […]
Hackers earned more than $1 million for zero-day exploits disclosed at the Tianfu Cup PWN hacking contest that took place on November 16-17 in Chengdu. Hackers earned more than $1 million for zero-day exploits disclosed at the Tianfu Cup PWN competition that took place on November 16-17 in Chengdu during the Tianfu Cup conference. According to organizers, hackers […]
Malware researchers from Cybaze ZLab – Yoroi team have detected a new strain of malware that appears to be associated with a new wave of attacks carries out by Russia linked APT29 group. The researchers of Yoroi ZLab, on 16 November, accessed to a new APT29’s dangerous malware which seems to be involved in the recent […]
The defense and aviation industries are particularly exposed to cyber attacks and are adopting new countermeasures to harden their infrastructure and aircraft. Crook and nation-state actors continue to target defense and aviation industries and in some case, the increasing level of sophistication of the attacks is creating great concerns. The Israeli government is moving to harden aviation assets from […]
The CarsBlues attack leverages security flaws in the infotainment systems installed in several types of vehicles via Bluetooth to access user PII. A new Bluetooth hack, dubbed CarsBlues, potentially affects millions of vehicles, Privacy4Cars warns. The CarsBlues attack leverages security flaws in the infotainment systems installed in several types of vehicles via Bluetooth, it affects users […]