Security experts at Trustwave have discovered a hidden backdoor in Internet of Things devices manufactured by the Chinese firm DblTek. Researchers from Trustwave have discovered a backdoor in IoT devices manufactured by a Chinese vendor that is refusing to fix it. The backdoored devices are produced by the VoIP firm Dbltek, the researchers speculate the backdoor was […]
The researcher East-Ee Security devised a proof of concept bypass of the Google’s reCaptcha V2 verification system dubbed ReBreakCaptcha. East-Ee Security proposed a proof of concept bypass of the Google’s reCaptcha V2 verification system dubbed ReBreakCaptcha. The PoC uses the Google web-based tools for its purpose. According to the author, ReBreakCaptcha “lets you easily bypass […]
Dark net webmail provider For the third consecutive week, the popular Tor web email service SIGAINT is unavailable and the real cause is a mystery. SIGAINT is one of the largest web email services on the TOR network that is used to send messages preserving the user’s anonymity. For the third consecutive week, the popular email service is unavailable […]
More than 1 million WordPress website are at risk due to a critical SQL injection vulnerability in the NextGEN Gallery plugin. Update it asap. Security experts at Sucuri firm have identified a SQL injection flaw in the WordPress image gallery NextGEN Gallery that could be exploited by a remote to gain access to the targeted website’s backend, including sensitive […]
Zscaler has fixed persistent XSS vulnerabilities affecting Zscaler Cloud management software that allow logged attackers to hack coworkers. Serious cross-site scripting (XSS) flaws in the Zscaler Cloud management software could be exploited by attackers to inject malicious HTML and JavaScript into the browsers of other users who visit the portal. In order to exploit the flaws, the attacker […]
The Russian state-actor dubbed Gamaredon is back and has been using a custom-developed malware in a new cyber espionage campaign. According to the experts from Palo Alto Networks, a Russian state-actor dubbed Gamaredon has been using a custom-developed malware in cyber espionage campaign on the Ukrainian government, military and law enforcement officials. The Gamaredon APT was first spotted in […]
The Singaporean Defence Ministry confirmed that threat actors have breached government systems stealing personal information of its employees. On Tuesday, the Defence Ministry confirmed that unknown hackers have breached government system and have stolen personal information belonging about 850 Singapore national servicemen and employees. Data accessed by hackers includes telephone numbers, dates of birth, and national […]
A flaw in ESET Endpoint Antivirus is exploitable to get remote root execution on Apple Mac systems via Man-In-The-Middle (MiTM) attacks. According to the security advisory published by Google Security Team’s Jason Geffner and Jan Bee on Seclists, it is possible to get remote root execution on Apple Mac systems via Man-In-The-Middle (MiTM) attacks. The attackers […]
The researchers at Google’s Project Zero have revealed another flaw, tracked as CVE-2017-0037, that affects Microsoft Edge and IE. It has happened again, the researchers at Google’s Project Zero have revealed another flaw, tracked as CVE-2017-0037, in Microsoft products. The flaw affects Microsoft’s Internet Explorer and Edge browsers, it was first reported on November 25 […]
In December 2016 two Russian state security officers and a cyber security expert in Moscow were charged with treason due allegations made 7 years ago. In December 2016 two Russian state security officers and a cyber-security expert in Moscow were charged with treason due to the allegations made by a Russian businessman seven years ago. […]