IT Information Security Archives - Page 486 of 623 - Security Affairs

IT Information Security

Pierluigi Paganini September 25, 2021

Google addressed the eleventh Chrome zero-day flaw this year

Google released a Chrome emergency update for Windows, Mac, and Linux that addresses a high-severity zero-day flaw exploited in the wild. Google has released Chrome 94.0.4606.61 for Windows, Mac, and Linux that addresses a high-severity zero-day vulnerability (CVE-2021-37973) exploited in the wild. An attacker can exploit this flaw to execute arbitrary code on systems running vulnerable Chrome versions. This vulnerability […]

Pierluigi Paganini September 25, 2021

European Union formally blames Russia for the GhostWriter operation

European Union representatives formally accused Russia of attempting to target the elections and political systems of several EU states. European Union has formally accused Russia of meddling in the elections and political systems of several EU states. EU high representative said that Russia-linked threat actors were behind a recent operation tracked as Ghostwriter. The officials […]

Pierluigi Paganini September 24, 2021

CVE-2021-20034 flaw can allow SMA 100 device takeover, patch it now!

SonicWall fixed a critical security flaw, tracked as CVE-2021-20034, that impacts some Secure Mobile Access (SMA) 100 series products that can allow device takeover. SonicWall has addressed a critical security vulnerability, tracked as CVE-2021-20034, that impacting several Secure Mobile Access (SMA) 100 series products. The vulnerability is an improper access control vulnerability that can be […]

Pierluigi Paganini September 24, 2021

Researcher released PoC exploit code for 3 iOS zero-day issues

Researcher release PoC exploit code for three iOS zero-day flaws after Apple delayed addressing them and did not credit him. An unknown researcher publicly released on GitHub proof-of-concept exploit code for three iOS zero-day vulnerabilities and one flaw addressed by Apple in July. The experts discovered the four zero-day issues between March 10 and May […]

Pierluigi Paganini September 24, 2021

Cisco addresses 3 critical vulnerabilities in IOS XE Software

Cisco fixed three critical flaws impacting IOS XE operating system powering some of its devices, such as routers and wireless controllers. Cisco has addressed three critical vulnerabilities impacting its IOS XE operating system powering multiple products, including routers and wireless controllers. The most severe of these vulnerabilities is a Remote Code Execution Vulnerability, tracked as CVE-2021-34770, […]

Pierluigi Paganini September 24, 2021

3.8 billion Clubhouse and Facebook user records allegedly scraped and merged, put for sale online

A user on a popular hacker forum is selling a database that purportedly contains 3.8 billion Clubhouse and Facebook user records. Original Post @CyberNews https://cybernews.com/security/3-8-billion-allegedly-scraped-and-merged-clubhouse-and-facebook-user-records-put-for-sale-online/ A user on a popular hacker forum is selling a database that purportedly contains 3.8 billion user records. The database was allegedly compiled by combining 3.8 billion phone numbers from […]

Pierluigi Paganini September 24, 2021

New FamousSparrow APT group used ProxyLogon exploits in its attacks

Researchers spotted a new cyberespionage group, dubbed FamousSparrow, that used ProxyLogon exploits to target hotels worldwide. Researchers from ESET discovered a new cyberespionage group, tracked as FamousSparrow, that has been targeting hotels worldwide around the world since at least 2019. The group also hit higher-profile targets such as law firms, governments, and private companies worldwide. According […]

Pierluigi Paganini September 23, 2021

Apple addresses a new zero-day exploited to deploy the NSO Pegasus spyware

Apple has addressed three zero-day vulnerabilities exploited by threat actors in attacks in the wild to take over iPhones and Macs. Apple has released security updates to address three zero-day vulnerabilities exploited in attacks in the wild to compromise iPhones and Macs running vulnerable iOS and macOS versions. Apple confirmed that at least one of […]

Pierluigi Paganini September 23, 2021

A bug in Microsoft Exchange Autodiscover feature leaks +372K of domain credentials

A flaw in the Microsoft Exchange Autodiscover feature can be exploited to harvest Windows domain and app credentials. Security researchers from Guardicore discovered a flaw in the Microsoft Exchange Autodiscover feature that can be exploited to harvest Windows domain and app credentials from users worldwide. The Microsoft Autodiscover protocol feature of Exchange email servers provides an […]

Pierluigi Paganini September 23, 2021

BulletProofLink, a large-scale phishing-as-a-service active since 2018

Microsoft uncovered a large-scale phishing-as-a-service operation, dubbed BulletProofLink, that enabled threat actors to easily carry out malicious campaigns. Microsoft researchers have uncovered a large-scale phishing-as-a-service (PHaaS) operation, dubbed BulletProofLink (aka Anthrax), that offers to its customers phishing kits, email templates, and hosting and automated services to carry out phishing attacks. BulletProofLink service was very cheap […]

1
2
484
485
486
487
488
621
622
623