An Italian expert discovered a critical Improper Authentication vulnerability affecting the UBER platform that allowed password reset for any account. The Italian security expert Vincenzo C. Aka @Procode701 has discovered 7 months ago a critical vulnerability in UBER platform that allowed password reset for any Uber account. The researcher reported the ‘Improper Authentication’ vulnerability through the company […]
Joomla maintainers released a fix for a critical SQL injection flaw, tracked as CVE-2017-8917, that can be exploited by a remote attacker to hijack websites On Wednesday Joomla maintainers released a fix for a critical SQL injection vulnerability, tracked as CVE-2017-8917, that can be easily exploited by a remote attacker to obtain sensitive data and hijack websites. The vulnerability […]
The tech giant Cisco announced an investigating on the potential impact of WannaCry malware on its products. Recent massive WannaCry ransomware attack highlighted the importance of patch management for any organization and Internet users. Another Tech giant, Cisco announced it is investigating the potential impact of WannaCry malware on its products, especially on its solutions that […]
Shadow Brokers made the headlines once again, the notorious group plans to offer data dump on a monthly subscription model. The notorious Shadow Brokers hacking group made the headlines during the weekend when systems worldwide were compromised by the WannaCry ransomware because the thread leveraged the EternalBlue exploit and DoublePulsar backdoor developed by the NSA. Both tools […]
Last Friday, a weaponized version of an NSA exploit was used to infect over two hundred thousand computers in over 150 countries with the WannaCry ransomware. In addition to government ministries and transportation infrastructure, the British National Health Service (NHS) was crippled, disrupting treatment and care for thousands of patients, and putting countless lives at […]
APT32 is a new APT group discovered by security experts at FireEye that is targeting Vietnamese interests around the globe. The APT32 group, also known as OceanLotus Group, has been active since at least 2013, according to the experts it is a state-sponsored hacking group. The hackers targeting organizations across multiple industries and have also targeted foreign governments, […]
WikiLeaks Reveals two distinct malware platforms codenamed AfterMidnight and Assassin used by the CIA operators to target Windows systems. While critical infrastructure worldwide and private organizations were ridiculed by the WannaCry attack, WikiLeaks released a new batch of CIA documents from the Vault 7 leaks. The new dump included the documentation related to two CIA frameworks used to create […]
Massive WannaCry Ransomware hits almost 150 countries around the world. How to avoid it? What’s happened? How to beat ransomware? Something rare but extremely dangerous is currently rotating around the web. Named after the feeling it inflicts on users when they find their PCs infected with it, WannaCry is a ransomware which encrypts all files […]
Security researchers from Cylance discovered a new fileless malware dubbed BAIJIU that was used to targets North Korea. Security experts believe the threat has a Chinese origin, attackers delivered it through a phishing campaign. “BAIJIU, which evades widespread detection, abuses global concern about the dire humanitarian situation in North Korea. It enters the target environment through an […]
The metaphor of a football match to explain the daily confrontation of a blue team against Black Hats. Who is the winner? I invite you to imagine a different soccer match. At one side, the Blue Team, in charge of your companyâs cyber security protection. In the other, the Black Hats, eager to bypass your […]