Security Affairs Archives - Page 825 of 1047

Pierluigi Paganini May 14, 2019

Millions of computers powered by Intel chips are affected by MDS flaws

Millions of computers powered by Intel processors are affected by a new class of vulnerabilities (MDS) that can leak potentially sensitive data. Researchers from multiple universities and security firms discovered a new class of speculative execution side-channel vulnerabilities that could be exploited with new side-channel attack methods dubbed Fallout, RIDL (Rogue In-Flight Data Load), and ZombieLoad. “On May […]

Pierluigi Paganini May 14, 2019

Thrangrycat flaw could allow compromising millions of Cisco devices

Security firm Red Balloon discovered a severe vulnerability dubbed Thrangrycat, in Cisco products that could be exploited to an implant persistent backdoor in many devices. Experts at Red Balloon Security disclosed two vulnerabilities in Cisco products. The first issue dubbed Thrangrycat, and tracked as CVE-2019-1649, affects multiple Cisco products that support Trust Anchor module (TAm). The issue […]

Pierluigi Paganini May 14, 2019

North Korea-linked ScarCruft APT adds Bluetooth Harvester to its arsenal

The North Korea-linked APT group ScarCruft (aka APT37 and Group123) continues to expand its arsenal by adding a Bluetooth Harvester. North Korea-linked APT group ScarCruft (aka APT37, Reaper, and Group123) continues to expand its arsenal by adding a Bluetooth Harvester. ScarCruft has been active since at least 2012, it made the headlines in early February […]

Pierluigi Paganini May 14, 2019

Malware Training Sets: FollowUP

The popular expert Marco Ramilli provided a follow up to its Malware classification activity by adding a scripting section which would be useful for several purposes. On 2016 I was working hard to find a way to classify Malware families through artificial intelligence (machine learning). One of the first difficulties I met was on finding […]

Pierluigi Paganini May 14, 2019

Unprotected DB exposed PII belonging to nearly 90% of Panama citizens

Personally identifiable information belonging to roughly 90% of Panama citizens were exposed on a poorly configured Elasticsearch server. Security researcher Bob Diachenko discovered an unprotected Elasticsearch server exposing personally identifiable information belonging to nearly 90% of Panama citizens. Exposed data includes full names, birth dates, national ID numbers, medical insurance numbers, and other personal data. […]