The researcher Dmytro Oleksiuk published details of ThinkPwn flaw, a UEFI zero-day that could be exploited by hackers to disable security features. Once again the IT giant Lenovo is in the headlines, some products of the company and some others from other PC vendors, are affected by a UEFI vulnerability, dubbed ThinkPwn, that can be exploited […]
The United Kingdom has approved the Brexit, the decision of its citizen of leaving the Europe. Which are the first effects on cyber security? The reality behind the breakaway of the UK in the Brexit referendum vote after nearly 43 years as part of the European Union has caused many to fear the falling value […]
Researchers discovered two flaws in the Siemens SICAM PAS widely used in the energy industry. One of the vulnerabilities is still unpatched. Security experts from Positive Technologies that have reviewed the Siemens SICAM PAS (Power Automation System) solution have discovered two information disclosure vulnerabilities (CVE-2016-5848 and CVE-2016-5849) that can be exploited by a local attacker. The experts […]
Cisco released security patches for some of its products that fix critical and high severity flaw that could be remotely exploited by hackers. Cisco has released security patches for a number of high-severity vulnerabilities in the CISCO Management and other security products. One of the flaws, a critical vulnerability in the Cisco Prime Collaboration Provisioning (CVE-2016-1416), […]
According to the 2015 version of the ‘Transportation Systems Sector-Specific Plan’ the transportation industry is increasingly exposed to cyber threats. The transportation industry is considered part of the critical infrastructure of a country, and according to the IBMâs X-Force security team is it a privileged target for hackers. The report, Security Trends in the Transportation […]
In these days, a new anti-terrorism bill is becoming law in Russia, it includes a large number of issues related to internet monitoring. The terrorism is one of the dreaded threats on a global scale, almost every government is spending a significant effort in order to prevent plots against their population. Modern Terrorism is technological, it makes a large […]
The Thomson Reuters terrorist database World-Check used by banks and intelligence agencies worldwide was leaked online, 2.2 million records exposed. There is a terrorist database used by banks and intelligence agencies worldwide, it is called World-Check and unfortunately, it was leaked online. The leaked database is dated back 2014 and contains some 2.2 million records. […]
Lenovo fixed two flaws (CVE-2016-5249, CVE-2016-5248) in the Lenovo Solution Center, once again the company faces problems with pre-installed bloatware. Lenovo has fixed two high severity vulnerabilities, CVE-2016-5249, and CVE-2016-5248, in its Lenovo Solution Center that could be exploited by hackers to gain access to vulnerable machines and to kill any process running on them.  The […]
Apple confirms iOS 10 kernel code left unencrypted intentionally to improve OS performance and ensures that it will have no impact on security. The news is intriguing, while Apple announced the new release of its mobile operating system, the iOS 10, the experts discovered that its kernel is unencrypted. The researchers from MIT Technology who reviewed […]
This disclosure of an unpatched Remote Code Exec flaw in the Swagger API framework compromises NodeJS, Ruby, PHP, and Java. Swagger is a representation of RESTful API that allows developers to get interactive documentation, client SDK generation and discoverability. The Swagger generators are privileged tools for organisations to offer developers easy access to their APIs. Currently, the […]