VMware has addressed a critical arbitrary code execution flaw affecting the SVGA virtual graphics card used by its ESXi, Workstation, and Fusion products. VMware has released security updated to fix a critical arbitrary code execution vulnerability (CVE-2018-6974) in the SVGA virtual graphics card used by its ESXi, Workstation, and Fusion solutions. The issue in the VMware products […]
A water utility in the US state of North Carolina suffered a severe ransomware attack in the week after Hurricane Florence hit the East Coast of the U.S. According to the Onslow Water and Sewer Authority (aka ONWASA) some internal systems were infected with the Emotet malware, but the regular water service was not impacted. According to ONWASA, […]
Kaspersky experts published a detailed analysis of the attacks conducted by the Russian-linked cyber espionage group DustSquad. Earlier October, security experts from ESET shared details about the operations of a cyber espionage group tracked as Nomadic Octopus, a threat actor focused on diplomatic entities in Central Asia. The group has been active since at least 2015, ESET researchers presented […]
iOS passionate Jose Rodriguez disclosed a new passcode bypass bug that could be to access photos and contacts on a locked iPhone XS. The security passionate Jose Rodriguez has discovered a new passcode bypass bug that could be exploited on the recently released iOS 12.0.1. A few weeks ago, Rodriguez discovered a passcode bypass vulnerability in Appleâs new iOS […]
Millions of voter records are available for sale on the Dark Web, experts discovered over 35 million US voter records for sale in a hacking forum. Millions of voter records are available for sale on the Dark Web, experts from Anomali and Intel 471 discovered 35 million US voter records for sale in a hacking forum. […]
Free Wi-Fi is convenient, but it is also unsafe and puts users at great risk. Hereâs how the cybercriminals attack user on these open networks. The free Wi-Fi is one of the catchiest things for the users in todayâs world. This is the main reason why so many free public Wi-Fi can be found without […]
The Security Service of Ukraine (SBU) uncovered a new targeted attack launched by BlackEnergy APT on the IT systems of Ukrainian government entities. The Security Service of Ukraine (SBU) uncovered a new targeted attack on the information and telecommunication systems of Ukrainian government entities. The SBU attributed the attack to the BlackEnergy Russia-linked APT group. “The […]
More than 685 million users may have been exposed to XSS attacks due to a flaw in Branch.io service used by Tinder, Shopify, and many others. Security Affairs was the first to publish the news of a DOM-XSS Bug Affecting Tinder, Shopify, Yelp, and other dating application. The flaws were disclosed a few days ago by […]
A Russian-speaking hacker, who goes by the name of Alexey, claims to have hacked into over 100,000 MikroTik routers with a specific intent, disinfect them. Earlier August, experts uncovered a massive crypto jacking campaign that was targeting MikroTik routers to inject a Coinhive cryptocurrency mining script in the web traffic. The campaign started in Brazil, but it rapidly expanded to […]
Experts from 0Patch revealed that the Microsoft Zero-Day Patch for JET Database Engine vulnerability (CVE-2018-8423) is incomplete. The vulnerability was discovered by the researcher Lucas Leong of the Trend Micro Security Research team that publicly disclosed an unpatched zero-day vulnerability in all supported versions of Microsoft Windows. The flaw is an out-of-bounds (OOB) write in the JET Database Engine that […]