Security researchers at Cisco Talos are warning of a spike in attacks on unsecured Elasticsearch clusters to drop cryptocurrency miners. Cisco Talos experts have reported a spike in the attacks thatleverage known flaws to compromise unsecured Elasticsearch clusters and use them to mine crypto-currencies. At least six different threat actors are targeting installs running older […]
Researchers found a new set of flaws that can be exploited via Thunderbolt to compromise a broad range of modern computers with Thunderclap attacksResearchers found a new set of flaws that can be exploited via Thunderbolt to compromise a broad range of modern computers with Thunderclap attacks Security experts from Rice University in the United […]
The U.S. Cyber Command blocked the Internet access to the Russian troll factory while it was attempting to interfere with 2018 midterm. According to the Washington Post, that cites several U.S. officials, the operation conducted by the U.S. Cyber Command hit the Internet Research Agency in St. Petersburg, the company used by the Russian Government […]
Threat actors in the wild are exploiting the recently patched CVE-2019-6340 flaw in the Drupal CMS to deliver cryptocurrency miners and other payloads. Just three days after the CVE-2019-6340 flaw in Drupal was addressed, threat actors in the wild started exploiting the issue to deliver cryptocurrency miners and other payloads. Last week, Drupal core team […]
Cybaze-Yoroi ZLab investigated artefacts behind Australian Parliament attack to have an insight of Tools and Capabilities associated with the attackers. Introduction In the past days, a cyber attack targeted a high profile target on the APAC area: the Australian Parliament House. As reported by the Australian prime minister there was no evidence of any information theft […]
The Russian hacker Stanislav Vitaliyevich Lisov pleads guilty to bank fraud after running a botnet that spread ‘NeverQuest’ malware for three years. The Russian hacker Stanislav Vitaliyevich Lisov, aka “Black,” “Blackf,” is accused of using the NeverQuest banking Trojan to steal login information from victims. The man has pled guilty to one count of conspiracy […]
ToRPEDO attacks – A group of academics from Purdue University and the University of Iowa discovered multiple vulnerabilities in cellular networks that affect both 4G and 5G LTE protocols. A group of academics from Purdue University and the University of Iowa discovered multiple vulnerabilities in cellular networks that affect both 4G and 5G LTE protocols. […]
A security expert discovered a critical cross-site scripting (XSS) flaw in Yahoo Mail that could have been exploited to steal the targeted userâs emails and attach malicious code to their outgoing messages. Yahoo addressed a critical cross-site scripting (XSS) vulnerability in Yahoo Mail that could have been exploited by hackers to steal userâs emails and […]
The British Airways Entertainment System, as installed on Boeing 777-36N(ER) and possibly other aircraft, is affected by a privilege escalation issue tracked as CVE-2019-9019. Experts discovered a critical vulnerability in the British Airways Entertainment System. The flaw is a privilege escalation issue that resides in the component USB Handler, an attacker could exploit it using […]
Group-IB experts discovered new databases with a total of 69,189 Pakistani banksâ cards that have shown up for sale on the dark web. Group-IB, an international company that specializes in preventing cyberattacks, has discovered new databases with a total of 69,189 Pakistani banksâ cards that have shown up for sale on the dark web. The […]