This week Apple released security patches to address the CVE-2020-9859 zero-day vulnerability that had been used to jailbreak iPhones devices. Apple released security patches to address the CVE-2020-9859 zero-day vulnerability in the iOS kernel that had been used to jailbreak iPhones. The flaw was discovered by a team of cyber-security researchers and hackers that also […]
Researchers disclosed a flaw in VMware Cloud Director platform, tracked as CVE-2020-3956, that could be abused to takeover corporate servers. Security researchers from hacking firm Citadelo disclosed details for a new critical vulnerability in VMware’s Cloud Director platform, tracked as CVE-2020-3956, that could be abused to takeover corporate servers. VMware Cloud Director is a cloud service-delivery platform […]
The REvil/Sodinokibi ransomware operators have leaked the files allegedly stolen from the UK power grid middleman Elexon. In May Elexon, a middleman in the UK power grid network, was the victim of a cyber attack, its systems have been infected with the Sodinokibi ransomware. The incident impacted only affected the internal IT network, including the […]
The expert Bhavuk Jain received an award of $100,000 for reporting a severe security issue in ‘Sign in with Apple’ authentication bypass bug that could allow the takeover of third-party user accounts. The bug hunter Bhavuk Jain received an award of $100,000 by Apple, as part of its bug bounty program, for reporting a severe […]
Maintainers at the Joomla open-source content management system (CMS) announced a security breach that took place last week. Last week a member of the Joomla Resources Directory (JRD) team left an unencrypted full backup of the JRD site (resources.joomla.org) on an unsecured Amazon Web Services S3 bucket operated by the company. The company did not […]
Earlier this year a hacker breached Daniel’s Hosting, the largest free web hosting provider for dark web hidden services and now leaked its DB. A threat actor has leaked the database of Daniel’s Hosting (DH), the largest free web hosting provider for dark web hidden services. The hacker has stolen the data in March when […]
The hacktivist collective group Anonymous demands justice for George Floyd and threatens to ‘expose the many crimes’ of Minneapolis Police. Anonymous demands justice for George Floyd and threatens to ‘expose the many crimes’ of Minneapolis Police. George Floyd was killed by a white police officer by kneeling on his neck for more than eight minutes. […]
EU Agency for Cybersecurity ENISA has published a new report of the proactive detection of incidents, including measures and information sources. The EU Agency for Cybersecurity ENISA has published a new report and accompanying repository on measures and information sources that could help security experts and operators of IT and critical infrastructure to proactively detect […]
Two security flaws in the PageLayer WordPress plugin can be exploited to potentially wipe the contents or take over WordPress sites. Security experts from WordFence discovered two high severity security vulnerabilities in the PageLayer WordPress plugin that could potentially allow attackers to wipe the contents or take over WordPress sites using vulnerable plugin versions. PageLayer is a WordPress page […]
Security researchers uncovered a new COVID-19-themed campaign targeting users of the National Institute for Social Security (INPS). Security experts from D3Lab have uncovered a new COVID-19-themed phishing campaign that is targeting the users of the Italian National Institute for Social Security (INPS). Like a previous campaign observed in early April, threat actors set up a fake […]