ROCA vulnerability (CVE-2017-15361) allows attackers to recover users Private RSA Keys, billion devices potentially impacted. While security experts are discussing the dreaded KRACK attack against WiFi networks IT giants, including Fujitsu, Google, HP, Lenovo, and Microsoft are warning their customers of a severe flaw in widely used RSA cryptographic library produced by German semiconductor manufacturer Infineon Technologies. The vulnerability, tracked […]
Another day, another news about a clamorous data breach, this time the Reuters agency revealed that Microsoft suffered a major security breach back in 2013. According to five former employees, hackers broke into the company vulnerabilities and bug reports database, but the news was never disclosed. The former employees explained that Microsoft addressed all the […]
Security researchers from Kaspersky Labs spotted the BlackOasis APT group exploiting a new zero-day RCE vulnerability in Adobe Flash. Security researchers from Kaspersky Labs have discovered a new zero-day remote code execution vulnerability in Adobe Flash, tracked as CVE-2017-11292, which was being actively exploited by hackers in the wild to deliver the surveillance software FinSpy. Hackers belonging to the […]
The KRACK attack allows an attacker to decrypt information included in protected WPA2 traffic. WPA2 standard has been compromised! Boffins have discovered several key management flaws in the core of Wi-Fi Protected Access II (WPA2) protocol that could be exploited by an attacker to hack into Wi-Fi network and eavesdrop on the Internet communications stealing sensitive […]
Pizza Hut U.S. notified customers over the weekend a âtemporary security intrusionâ on PizzaHut.com that exposed payment card and contact information. Pizza Hut U.S. notified customers over the weekend a âtemporary security intrusionâ on PizzaHut.com, the security breach might have exposed payment card and contact information. The popular restaurant chain notified users via email, according to Pizza […]
Cisco issued a security advisory on a local privilege escalation vulnerability in the Linux Kernel, patch it as soon as possible. On Friday, Cisco issued a security advisory on a local privilege escalation vulnerability in the Advanced Linux Sound Architecture (ALSA). The vulnerability in the Linux Kernel, tracked as CVE-2017-15265, is due to a use-after-free memory […]
The web journalist Marc Miller has interviewed one of the hackers of the ICEMAN group that claims to be behind the Operation ‘Emmental’ that targeted bank clients. Operation “Emmental” is the nickname for a grand-scale phishing campaign targeting bank clients. The goal of the campaign is to receive fraudulent payments by taking actions (e.g. money […]
Siemens has released a firmware update that addresses two vulnerabilities in its BACnet Field Panel building automation controllers. This week Siemens has released a firmware update for its BACnet Field Panel building automation products that solved two vulnerabilities, one of which is classified as high severity. The vulnerabilities affect APOGEE PXC and TALON TC BACnet […]
Swedish transport agencies were hit by cyber attacks on Wednesday and Thursday, October 11 and 12, is it Information Warfare? Swedish transport authorities were hit by cyber attacks on Wednesday and Thursday, October 11 and 12. The attacks have brought down several IT systems causing delays of the train transportation. The first attack hit the Sweden Transport […]
Researchers with Counter Threat Unit at SecureWorks continues to monitor the Bronze Butler cyberespionage group (aka Tick). Researchers with Counter Threat Unit at SecureWorks are monitoring the Bronze Butler cyberespionage group (aka Tick). The hacker group has been targeting Japanese heavy industry, manufacturing and international relations at least since 2012, According to the experts, the […]