Cisco released security patches to fix RCE flaws in the Webex Network Recording Player for Advanced Recording Format (ARF). Cisco released security patches to address vulnerabilities in the Webex Network Recording Player for Advanced Recording Format (ARF) (CVE-2018-15414, CVE-2018-15421, and CVE-2018-15422) that could be exploited by an unauthenticated, remote attacker to execute arbitrary code on a […]
Cybercriminals have stolen 6.7 billion yen ($60 million) worth of cryptocurrencies from the Japanese digital currency exchange Zaif exchange. According to the Tech Bureau Corp., a Japanese cryptocurrency firm, hackers have compromised its Zaif exchange and have stolen 6.7 billion yen ($60 million) worth of cryptocurrencies, including Bitcoin, Monacoin, and Bitcoin Cash. The stole digital currencies […]
Magecart hackers have stolen customers’ credit card data from the computer hardware and consumer electronics retailer Newegg. The Magecart cybercrime group is back, this time the hackers have stolen customers’ credit card data from the computer hardware and consumer electronics retailer Newegg. Magecart is active since at least 2015, recently the group hacked the websites of Ticketmaster, British Airways, and Feedify […]
Adobe releases a critical out-of-band patch for CVE-2018-12848 Acrobat flaw, the security updates address a total of 7 vulnerabilities. Adobe address seven vulnerability in Acrobat DC and Acrobat Reader DC, including one critical vulnerability that could be exploited by attackers to execute arbitrary code. “Adobe has released security updates for Adobe Acrobat and Reader for Windows […]
Security experts at Flashpoint discovered the availability of the access to over 3,000 compromised sites sold on Russian black marketplace MagBo A new report published by researchers at Flashpoint revealed the availability on an underground hacking forum for Russian-speaking users of access to over 3,000 breached websites. “Access to approximately 3,000 breached websites has been discovered for […]
Security experts from Kaspersky have published an interesting report on the new trends in the IoT threat landscape. What is infecting IoT devices and how? The researchers set up a honeypot to collect data on infected IoT devices, the way threat actors infect IoT devices and what families of malware are involved. The first data that emerged […]
An authentication bypass vulnerability in Western Digital My Cloud NAS could allow hackers to access the content of the storage Researchers at security firm Securify have discovered an elevation of privilege vulnerability in the Western Digital My Cloud platform that could be exploited by attackers to gain admin-level access to the device via an HTTP request. The flaw, […]
A new report published by Citizen Lab revealed that the NSO Pegasus spyware was used against targets across 45 countries worldwide. A new investigation of the Citizen Lab revealed that the powerful Pegasus mobile spyware was used against targets across 45 countries around the world over the last two years. Pegasus is a surveillance malware developed by the Israeli surveillance NSO Group that […]
Security researcher Max Justicz has discovered several flaws in the distribution Alpine Linux, including an arbitrary code execution. Alpine Linux is an independent, non-commercial, general purpose Linux distribution that is heavily used in containers, including Docker. Alpine Linux is based on musl libc and busybox, it is a tiny distro and is optimized to manage resources, it […]
According to Avira, hundreds of thousands of unpatched Windows systems are serially infected with EternalBlue exploit code. The EternalBlue, is the alleged NSA exploit that made the headlines with DOUBLEPULSAR in the WannaCry attack. The malicious code was leaked online by the Shadow Brokers hacking group that stole it from the arsenal of the NSA-linked Equation Group. ETERNALBLUE targets the Server […]