The SQL Slammer worm, one of the most long-lived malware, now seems to be back online to compromise ancient SQL servers worldwide. SQL Slammer is probably one of the most long-lived threats, it first appeared  14 years ago and now it is back to compromise ancient SQL servers. SQL Slammer exploits an ancient flaw in Microsoft SQL […]
The web-based SCADA system Honeywell XL Web II Controller is affected by multiple flaws that can be remotely exploited to expose passwords in clear text. A popular web-based SCADA system designed by Honeywell is affected by multiple vulnerabilities that can be remotely exploited to expose passwords in clear text. In order to access the password in clear […]
The group of hacktivists Anonymous hacked the popular Freedom Hosting II Dark Web hosting provider, a fifth of the .onion websites is down. The collective Anonymous is back, this time the hacker groups breached Freedom Hosting II, a popular Dark Web hosting provider. After the closure of the original Freedom Hosting, Freedom Hosting II (FHII) become […]
The Norwegian intelligence agency PST is one of the targets of spear phishing attacks launched by the Russian APT 29 group. The dreaded Russian APT 29 group is back, the Norwegian authorities accuse Russia of cyber attacks that hit the foreign ministry, intelligence and other institutions. “Nine different email accounts were targeted in an attempt at […]
The US-CERT issued a security advisory to warn of a zero-day memory corruption vulnerability in the SMB (Server Message Block) protocol that can be exploited by a remote attacker. The US-CERT is warning of a zero-day memory corruption vulnerability in the SMB (Server Message Block) protocol that can be exploited to cause a denial of service condition or […]
According to the firm ProofPoint, Chinese state-sponsored actors continues to spy on military and aerospace organizations in Russia and Belarus. Chinese state-sponsored actors are spying on military and aerospace interests in Russia and Belarus. According to the experts from Proofpoint, the attacks began in the summer of 2016, the Chinese hackers launched a spear-phishing campaign leveraging […]
The experts at Cisco have discovered a critical authentication bypass vulnerability in the Cisco Prime Home during an internal security testing. Cisco has released a security update for CISCO Prime Home remote management and provisioning solution to fix a flaw that could be exploited to authentication bypass. The experts at Cisco have discovered the critical […]
The Metasploit hacking toolkit now includes a new hardware bridge that makes it easier for users to analyze hardware devices. The popular offensive hacking toolkit Metasploit now is powerful, it included a hardware bridge to conduct security tests on hardware. It is a great support to the users that have to test hardware, including IoT devices. […]
Given the high trust we have on Gmail we tend to believe that all messages that fall into our inbox are legit and safe, but there is something to know … 1.    Introduction Taking good care of e-mail messages is certainly among the first recommendations of any information security policy and user awareness program. The involved […]
The Russia-linked cyber espionage group known as Turla has been using a new piece of JavaScript malware to profile victims, Kaspersky Lab reported on Thursday. Turla is the name of a Russian cyber espionage ATP group (also known as Waterbug, Venomous Bear and KRYPTON) that has been active since at least 2007 targeting government organizations […]