Malware researchers from Abuse.ch, BrillantIT, and Proofpoint have sinkholed the control infrastructure behind EITest campaign and shut down it. Malware researchers from Abuse.ch, BrillantIT, and Proofpoint have sinkholed the control infrastructure behind EITest campaign that leveraged on a network of hacked servers exploited by crooks to distribute traffic (TDS). The network was used to redirect users to compromised domains hosting exploit kits, delivering […]
Probably you don’t know that many Android smartphone vendors fail to roll out Google’s security patches and updates exposing the users to severe risks. Researchers at Security Research Labs (SRL) that the problem also involves major vendors, including HTC, Huawei, and Motorola. In some cases, manufacturers roll out incomplete security patches leaving the devices vulnerable to […]
The British train company Great Western Rail announced it has suffered a security breach that affected at least 1,000 accounts out of more than a million. The company owned by the FirstGroup transport business runs trains between London, Penzance, and Worcester Great Western Rail is urging affected customers to change the password used to access the GWR.com portal, it also informed […]
After the publication of a working Proof-Of-Concept for Drupalgeddon2 on GitHub for âeducational or information purposes,â experts started observing bad actors attempting to exploit the flaw. At the end of March, the Drupal Security Team confirmed that a âhighly criticalâ vulnerability (dubbed Drupalgeddon2), tracked as CVE-2018-7600, was affecting Drupal 7 and 8 core and announced the availability of security updates on […]
Security researchers at Akamai have discovered a proxy botnet composed of more than 65,000 routers exposed to the Internet via the Universal Plug and Play (UPnP) protocol. Crooks have compromised the devices of this multi-purpose proxy botnet to conduct a wide range of malicious activities, including spamming and phishing, click fraud, account takeover and credit card […]
Cryptocurrency exchange Coinsecure, India’s second exchange, announced that it has suffered a severe issue, 438 bitcoin, $3,3 million worth of bitcoin Cryptocurrency exchange Coinsecure, India’s second exchange, announced that it has suffered a severe issue, 438 bitcoin, $3,3 million worth of bitcoin, have been transferred from the main wallet to an account that is not under their control. CEO […]
The Iran-linked APT33 group continues to be very active, security researchers at Cyberbit have discovered an Early Bird code injection technique used by the group. The Early Bird method was used to inject the TurnedUp malware into the infected systems evading security solutions. The technique allows injecting a malicious code into a legitimate process, it allows execution […]
An 18-month-old CVE-2018-0950 vulnerability in Microsoft Outlook could be exploited by hackers to steal the Windows Password. Almost 18 months ago, the security researcher Will Dormann of the CERT Coordination Center (CERT/CC) has found a severe vulnerability in Microsoft Outlook (CVE-2018-0950), time is passed but Microsoft partially addressed it with the last Patch Tuesday updates. […]
The ICS-CERT and Siemens published are warning organizations of security flaws in Siemens devices (SIPROTEC 4, SIPROTEC Compact, and Reyrolle devices) that could be exploited by hackers to target electrical substations. “Successful exploitation of these vulnerabilities could allow an attacker to upload a modified device configuration that could overwrite access authorization passwords, or allow an […]
Microsoft has released April Patch Tuesday security updates that address 66 vulnerabilities, five of them could be exploited by an attacker to compromise a PC by just tricking the victims into visiting a website or opening a specifically crafted file. Hackers can compromise your computer just visiting a malicious website or clicking a malicious link. […]