According to the ENISA Threat Landscape Report 2020, cyberattacks are becoming more sophisticated, targeted, and in many cases undetected. Iâm proud to present the ENISA Threat Landscape Report 2020, the annual report published by the ENISA that provides insights on the evolution of cyber threats for the period January 2019-April 2020. The 8th annual ENISA Threat Landscape […]
VMware patched several flaws in its ESXi, Workstation, Fusion and NSX-T products, including a critical code execution vulnerability. VMware has fixed several vulnerabilities in its ESXi, Workstation, Fusion and NSX-T products, including a critical flaw that allows arbitrary code execution. The critical vulnerability, tracked as CVE-2020-3992, is a use-after-free issue that affects the OpenSLP service […]
Adobe has released a second out-of-band security update to address critical vulnerabilities affecting several products. Adobe has released a second out-of-band security update to fix critical vulnerabilities that impact numerous products of the IT giant. The flaws impact Adobe Illustrator, Dreamweaver, Marketo, Animate, After Effects, Photoshop, Premiere Pro, Media Encoder, InDesign, and the Creative Cloud […]
Sweden is banning Chinese tech giant Huawei and ZTE from building new 5G wireless networks due to national security concerns. Another state, Sweden, announced the ban of Chinese tech companies Huawei and ZTE from building its 5G network infrastructure. The Swedish Post and Telecom Authority announced this week that four wireless carriers bidding for frequencies […]
Google has released Chrome version 86.0.4240.111 that also addresses the CVE-2020-15999 flaw which is an actively exploited zero-day. Google has released Chrome version 86.0.4240.111 that includes security fixes for several issues, including a patch for an actively exploited zero-day vulnerability tracked as CVE-2020-15999. The CVE-2020-15999 flaw is a memory corruption bug that resides in the FreeType font rendering library, which is included […]
Microsoft brought down TrickBot infrastructure last week, but a few days later the botmasters set up a new command and control (C&C) servers. Microsoftâs Defender team, FS-ISAC, ESET, Lumenâs Black Lotus Labs, NTT, and Broadcomâs cyber-security division Symantec joined the forces and announced last week a coordinated effort to take down the command and control infrastructure of the infamous TrickBot botnet. Even if […]
The US National Security Agency (NSA) has shared the list of top 25 vulnerabilities exploited by Chinese state-sponsored hacking groups in attacks in the wild. The US National Security Agency (NSA) has published a report that includes details of the top 25 vulnerabilities that are currently being exploited by China-linked APT groups in attacks in the […]
The global data privacy landscape is changing and everyday we can see new regulations emerge. These regulations are encouraging organizations to be better custodians of the consumers data and create a healthier space for data privacy. In order to do so organizations will need to rework their operations and revamp their processes in order to […]
Researchers discovered that MMO game Street Mobster is leaking data of 1.9 million users due to SQL Injection critical vulnerability. Attackers could exploit the SQL Injection flaw to compromise the gameâs database and steal user data. Original Post: https://cybernews.com/street-mobster-game-leaking-data-of-2-million-players The CyberNews.com Investigation team discovered a critical vulnerability in Street Mobster, a browser-based massively multiplayer online […]
The Nefilim ransomware operators have posted a long list of files that appear to belong to Italian eyewear and eyecare giant Luxottica. Luxottica Group S.p.A. is an Italian eyewear conglomerate and the worldâs largest company in the eyewear industry. As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass […]