Experts warn of ongoing scans for Apache Tomcat servers affected by the Ghostcat flaw that could allow attackers to take over servers. Security experts are warning of ongoing scans for Apache Tomcat servers affected by the recently disclosed Ghostcat vulnerability CVE-2020-1938. The flaw affects all versions of Apache Tomcat, it could be exploited by attackers […]
Experts from Cybaze/ Yoroi Zlab spotted a new sample of the Karkoff implant that was employed in past campaigns associated with Iran-linked APT34 group.Experts from Cybaze/ Yoroi Zlab spotted a new sample of the Karkoff implant that was employed in past campaigns associated with Iran-linked APT34 group. Introduction In November 2018, researchers from Cisco Talos […]
SurfingAttack is an attacking technique that allows to wake up mobile device and control them using voice commands encoded in ultrasonic waves. SurfingAttack is a hacking technique that sees voice commands encoded in ultrasonic waves silently activate a mobile phone’s digital assistant. The technique could be used to do several actions such as making phone […]
This week, several media reported that agents of the Russian intelligence reportedly went to Ireland to inspect the undersea cables. The Sunday Times reported that Russian intelligence agents have been sent to Ireland to gather detailed information on the undersea cables that connect Europe to North America. The news is alarming, intelligence agencies fear that […]
Threat actors are launching a hacking campaign aimed at taking over tens of thousands of WordPress sites by exploiting critical vulnerabilities. One of the issues exploited in the attacks is a zero-day vulnerability that affects several plugins and that could allow hackers to create admin accounts and take over the sites. Researchers at NinTechNet reported […]
RailWorks Corporation, one of the leading railroad track and transit system providers in North America, disclosed a ransomware attack. RailWorks Corporation, one of the leading providers of rail infrastructure solutions in North America, disclosed a ransomware attack. The security breach may have also exposed personally identifiable information (i.e. Government-issued IDs, Social Security numbers, dates of birth, dates of hire/termination […]
Ghostcat flaw affects all versions of Apache Tomcat and could be exploited by hackers to read configuration files or install backdoors on vulnerable servers. All versions of Apache Tomcat are affected by a vulnerability dubbed Ghostcat that could be exploited by attackers to read configuration files or install backdoors on vulnerable servers. The vulnerability, tracked as […]
Network data collected by the NetBlocks internet observatory confirm that Turkey has blocked access to social media as Idlib military crisis escalates Network data collected by the NetBlocks internet observatory confirm that the Turkish authorities have blocked access to social media following allegations of an attack on Turkish troops in Idlib, Syria on Thursday 27 […]
An interesting report published by RiskIQ on 2019 Mobile App Threat Landscape, lists the most dangerous mobile app store online. Mobile users downloaded over 200 billion apps in 2019 and the overall expense in app stores worldwide has been estimated in more than $120 billion. Threat actors don’t want to miss this amazing business opportunity […]
Cisco released security patches for 11 vulnerabilities in its products, including the Cisco UCS Manager, FXOS, and the NX-OS software. The most severe vulnerabilities, rated as high severity, affect FXOS and NX-OS that could be exploited by an unauthenticated, adjacent attacker to execute arbitrary code as root. The exploitation of the flaw could trigger a denial […]