Microsoft Patches Windows Privilege Escalation Flaws Exploited in Attacks Microsoft has released its April 2019 Patch Tuesday updates that address over 70 vulnerabilities, including two Windows zero-day flaws. Microsoft has released the April 2019 Patch Tuesday updates that address 74 vulnerabilities, including two Windows zero-days under active attack. April 2019 Patch Tuesday security updates resolve […]
In the last weeks, a new Android surveillance malware dubbed Exodus made the headlines, now expert found the iOS version of the government spyware. Security experts at LookOut have discovered an iOS version of the dreaded surveillance Android app Exodus that was initially found on the official Google Play Store. Exodus for Android is a […]
The developer, marketer, direct-seller, and wholesaler of indoor garden systems, AeroGrow International, suffered a payment card data breach. AeroGrow International, a developer, marketer, direct-seller, and wholesaler of indoor garden systems, recently notified customers of a payment card data breach. The incident impacted the company website. “On March 4, 2019, AeroGrow learned that an unauthorized person […]
Unofficial security patches have been released for two Oracle Java Runtime Environment (RE) flaws yet to be fixed discovered by Google Project Zero researcher. Unofficial security patches have been released for two Oracle Java Runtime Environment (RE) vulnerabilities discovered by Google Project Zero researcher Mateusz Jurczyk. The company hasn’t yet released an official update to […]
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Kindle Edition Paper Copy Once again thank you! Ex-NSA contractor Harold Thomas Martin pleads guilty to federal charge of willful retention of national defense information Experts released the List of ~600 MAC addresses hit in ASUS hackï»ż […]
Rockwell Automation released updates for Allen-Bradley Stratix industrial switches that address several DoS flaws introduced by Cisco software. Rockwell Automation released security updates that address several DoS vulnerabilities in its Allen-Bradley Stratix industrial switches introduced by Cisco software. ICS-CERT and Rockwell Automation published three separate advisories to warn of the effects of the vulnerabilities introduced […]
Security experts at Bad Packets uncovered a DNS hijacking campaign that is targeting the users of popular online services, including Gmail, Netflix, and PayPal. Experts at Bad Packets uncovered a DNS hijacking campaign that has been ongoing for the past three months, attackers are targeting the users of popular online services, including Gmail, Netflix, and […]
Security experts at FireEye observed the financially motivated group FIN6 adding the LockerGoga and Ryuk ransomware to its arsenal. According to cybersecurity experts at FireEye, the FIN6 cybercrime group is diversifying its activities and added LockerGoga and Ryuk ransomware to its arsenal. Previous attacks conducted by the FIN6 group aimed at compromising point-of-sale (PoS) systems, […]
Currently of 300,000+ Magento stores, the vast majority of the installs is still running vulnerable versions of the popular content management system. The problem with patches is that sometimes they fix something and sometimes they break something. Sounds strange, right? Well, let us explain ourselves. See, PRODSECBUG-2198 is a security patch for Magento that fixes […]
Researchers at AT&T Alien Labs have spotted a malware called Xwo that is actively scanning the Internet for exposed web services and default passwords. Experts at AT&T Alien Labs discovered a new piece of malware called Xwo that is actively scanning the Internet for exposed web services and default passwords. The name ‘Xwo‘ comes from […]