Security experts from Skyhigh Networks discovered a wide-scale attack with a new stealthy technique, dubbed KnockKnock, that targets Office 365 accounts. The cloud access security broker Skyhigh Networks discovered a wide-scale attack with a new stealthy technique, dubbed KnockKnock, that targets Office 365 (O365) accounts. The massive campaign leverages a low-key attack, started in May and is […]
A British teenager admitted in a British court to have attempted to hack into the computers of top US officials, including former CIA chief John Brennan. On Friday, the British teenager Kane Gamble (18) from Coalville, Leicester, admitted in a British court to have attempted to hack into the computers of top US officials, including former CIA chief John Brennan. Kane […]
Disqus data breach – The blog comment hosting service for web sites and online communities Disqus has confirmed a data breach that occurred back in 2012. On Friday evening, the worldwide blog comment hosting service for web sites and online communities Disqus has confirmed a data breach that occurred back in 2012. In 2012, hackers have stolen details for at least 17.5 million Disqus user accounts. The […]
Siemens has just released a firmware update for the 7KT PAC1200 Siemens smart meters that addresses a critical vulnerability. Siemens has just released a firmware update for the 7KT PAC1200 Siemens smart meters to fix a critical vulnerability that can be exploited by remote attackers to bypass authentication and perform administrative actions on the device. The […]
Apple released a patch for macOS High Sierra 10.13 that address also a flaw in Apple file system that exposes encrypted drive’s password in the hint box. Apple yesterday released a security patch for macOS High Sierra 10.13 to fix vulnerabilities in the Apple file system (APFS) volumes and Keychain software. The vulnerability in the Apple file system was first […]
Russian hackers allegedly exploited Kaspersky AV to hack into NSA contractor and steal the NSA exploit code. It complicates Kaspersky’s position. Anonymous sources have claimed Russian intelligence extracted NSA exploits from a US government contractor’s home PC using Kaspersky Lab software. Sources told the Wall Street Journal that a malicious code allowed cyber spies to exfiltrate classified code, […]
Security researchers with Trend Micro discovered a backdoor dubbed SYSCON that uses an FTP server for command and control (C&C) purposes. The SYSCON backdoor is spreading through tainted documents that refer North Korea and target individuals connected to the Red Cross and the World Health Organization. The use of an FTP server as C&C is uncommon for […]
Several security vulnerabilities have been patched in recent weeks in Apache Tomcat, including the CVE-2017-12617 Code Execution vulnerability. Several security vulnerabilities have been patched in recent weeks in Apache Tomcat. The list of fixed flaws recently addressed also included code execution vulnerabilities. Apache Tomcat is the most widely used web application server, with over one million downloads […]
Researchers from security firm Intezer speculate that the attack was powered by nation-state actor, likely the Chinese APT17 group. Security experts continue to investigate the recent attack against the supply chain of the popular software CCleaner. The hackers first compromised in July a CCleaner server, then exploited it to deliver a backdoored version of the 32-bit CCleaner […]
The Yahoo hack occurred in 2013 is bigger than originally stated, Verizon confirmed that all 3 Billion Yahoo accounts were hacked in the attack. The Yahoo hack occurred in 2013, the biggest known data breach suffered by a tech company, is bigger than originally stated. Verizon Communications, which acquired Yahoo for $4.48 billion in June, […]