A vulnerability in HP OfficeJet all-in-one inkjet printer can be exploited by attackers to gain control of the printer and use it as entry point into the network environment. A critical vulnerability potentially exposes millions of HP OfficeJet printers to hack, according to the experts at Check Point the attackers only need to send a […]
Last week Oracle disclosed a critical vulnerability in its Oracle Database product, the issue tracked as CVE-2018-3110 has received a CVSS score of 9.9, On Friday, Oracle released security patches to address a critical vulnerability affecting its Database product, the company is urging install them as soon as possible. The vulnerability resides in the Java VM component […]
Patrick Wardle, the popular white hat hacker, has discovered a zero-day vulnerability that could allow attackers to carry out synthetic mouse-click attacks Patrick Wardle, the popular white hat hacker and chief research officer at Digita Security, has discovered a zero-day vulnerability that could allow attackers to mimic mouse-clicks for kernel access. Wardle presented his discovery […]
Crooks are targeting DLink DSL modem routers in Brazil to redirect users to fake bank websites by carrying out DNS hijacking. Crooks are targeting DLink DSL modem routers in Brazil to redirect users to fake bank websites by changing the DNS settings. With this trick, cybercriminals steal login credentials for bank accounts, Radware researchers reported. The attackers […]
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! ·     A malware paralyzed TSMC plants where also […]
UpGuard discovered an unsecured GoDaddy’s Amazon S3 bucket containing sensitive information related to more than 31,000 GoDaddy systems. Experts at cybersecurity firm UpGuard have reported that another big company was victim of a data leak, it is the domain name registrar and web hosting company GoDaddy. The popular UpGuardâs risk analyst Chris Vickery discovered an unsecured […]
Journalists revealed a new surveillance program that targets US citizens, the program was previously-undisclosed and code named ‘Quiet Skies’. According to the Transportation Security Administration (TSA), that has admitted the Quiet Skies, the program has monitored about 5,000 U.S. citizens on domestic flights in recent months. Quiet Skies was criticized by privacy advocates because the […]
Group-IB is recording new outbreaks of illegal mining (cryptojacking) threats in the networks of commercial and state organizations. Group-IB, an international company specializing in the prevention of cyberattacks, is recording new outbreaks of illegal mining (cryptojacking) threats in the networks of commercial and state organizations. According to Group-IB’s Threat Intelligence, over a year, the number of shadow-forum ads […]
Researchers demonstrated how a sophisticated threat actor can hack a brand new Apple Mac computer in enterprise environments through MDM. A security duo composed by Jesse Endahl, CPO and CSO at macOS management firm Fleetsmith, and Max BĂ©langer, staff engineer at Dropbox, demonstrated at the Black Hat security conference how a persistent attacker could compromise […]
Security researchers at Intezer and McAfee have conducted a joint investigation that allowed them to collect evidence that links malware families attributed to North Korean APT groups such as the notorious Lazarus Group and Group 123. The experts focused their analysis on the code reuse, past investigations revealed that some APT groups share portions of code […]