The Chinese security Xudong Zheng is warning of Homograph Phishing Attacks are “almost impossible to detect” also to experts. The Chinese security researcher Xudong Zheng has devised a phishing technique that is “almost impossible to detect.” Hackers can exploit a known vulnerability in the popular web browsers Chrome, Firefox and Opera to display to the […]
It started quietly as a probability not a reality. Now within months cyberwarfare has become a reality plausible as the air we breathe. The revelation of governments hacking units has brought light for a new domain of conflict: Cyberwarfare. Once a secret these government agencies were public revealed like the Equation Group as well as […]
The Security expert David Routin (@Rewt_1) has detailed a step by step procedure to exploit the recently patched cve-2017-0199 vulnerability exploited in Windows attacks in the wild. Introduction Since several days the security community has been informed thanks to FireEye publication of different malware campaigns (Dridex…) leveraging the CVE-2017-0199. Several other publications were related to this vulnerability but […]
The failure of the missile launch made the North Korea may have been thwarted by a cyber attack powered by the US Cyber Command. The crisis between the US and North Korea is increasing, Donald Trump warns his military may ‘have no choice’ to strike the rogue state. According to The Sun, US cyber soldiers may have […]
The Callisto APT Group borrowed the source code leaked by hackers that broke into Hacking Team network. According to F-Secure Labs, The Callisto APT Group used the HackingTeam leaked surveillance software to gather intelligence on foreign and security policy in eastern Europe and the South Caucasus. The Callisto APT group targeted government officials, military personnel, journalists and think tanks since […]
Security experts discovered vulnerabilities in the Bosch Drivelog Connector dongle that could be exploited by hackers to stop the engine. Security Researchers at automotive cybersecurity firm Argus discovered vulnerabilities in Bosch Drivelog Connect solution that can be exploited by hackers to inject malicious messages into a vehicle’s CAN bus. The Bosch Drivelog Connect is the […]
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. First of all, let me inform you that at the #infosec16 SecurityAffairs was awarded as The Best European Personal Security Blog http://securityaffairs.co/wordpress/48202/breaking-news/securityaffairs-best-european-personal-security-blog.html · Millions of mobile phones and laptops potentially exposed to attack leveraging baseband zero-days · ATMitch – […]
Facebook disrupted an international spam campaign leveraging on bogus accounts used to create “likes” and bogus comments. The security team at Facebook has disrupted an international spam operation after a six months investigation. The company has neutralized a coordinated campaign that was leveraging on bogus accounts used to create inauthentic likes and comments. “Today we are taking another […]
Microsoft determined that most of the flaws exploited by the tools in the dump released by Shadow Brokers yesterday were patched in March. Yesterday the Shadow Brokers hacker group has released a new portion of the alleged archive of the NSA containing hacking tools and exploits. The group released a 117.9 MB encrypted dump containing […]
A bug dubbed Riddle vulnerability affecting MySQL 5.5 and 5.6 clients exposed user credentials to MiTM attacks. Update to version 5.7. A coding error dubbed The Riddle has been uncovered in the popular DBMS Oracle MySQL, the issue can be potentially exploited by attacker powering a man-in-the-middle attack to steal usernames and passwords. “The Riddle is a […]