Security Affairs Archives - Page 984 of 1057 - Security Affairs

Security Affairs

Pierluigi Paganini April 14, 2018

Are your Android devices updated? Researchers say maybe no

Probably you don’t know that many Android smartphone vendors fail to roll out Google’s security patches and updates exposing the users to severe risks. Researchers at Security Research Labs (SRL) that the problem also involves major vendors, including HTC, Huawei, and Motorola. In some cases, manufacturers roll out incomplete security patches leaving the devices vulnerable to […]

Pierluigi Paganini April 14, 2018

Great Western Railway asks users to reset passwords due to a security breach

The British train company Great Western Rail announced it has suffered a security breach that affected at least 1,000 accounts out of more than a million. The company owned by the FirstGroup transport business runs trains between London, Penzance, and Worcester Great Western Rail is urging affected customers to change the password used to access the GWR.com portal, it also informed […]

Pierluigi Paganini April 13, 2018

Experts warn threat actors are scanning the web for Drupal installs vulnerable to Drupalgeddon2

After the publication of a working Proof-Of-Concept for Drupalgeddon2 on GitHub for “educational or information purposes,” experts started observing bad actors attempting to exploit the flaw. At the end of March, the Drupal Security Team confirmed that a “highly critical” vulnerability (dubbed Drupalgeddon2), tracked as CVE-2018-7600, was affecting Drupal 7 and 8 core and announced the availability of security updates on […]

Pierluigi Paganini April 13, 2018

When the Russian Malware coder Gatsoev is praised by the Russian head of Information Department of the Ministry of Education and Science of North Ossetia

When the Russian young Malware coder is praised by the Russian head of Information Department of the Ministry of Education and Science of North Ossetia. Under the spotlight: the story of Atsamaz Gatsoev (aka “1ms0rry”) who has set up his illegal business. A new write-up made by a security researcher known as Benkow (@Benkow_) has been […]

Pierluigi Paganini April 13, 2018

Experts uncovered a proxy botnet composed of over 65,000 routers exposed via UPnP protocol

Security researchers at Akamai have discovered a proxy botnet composed of more than 65,000 routers exposed to the Internet via the Universal Plug and Play (UPnP) protocol. Crooks have compromised the devices of this multi-purpose proxy botnet to conduct a wide range of malicious activities, including spamming and phishing, click fraud, account takeover and credit card […]

Pierluigi Paganini April 13, 2018

Uber agrees to new FTC settlement over 2016 data breach

Uber agrees to a new settlement with the Federal Trade Commission over the massive 2016 data breach, the authorities could assign civil penalties against the company if it will fail to share incident data with FTC. Uber agrees to a new settlement with the Federal Trade Commission over the massive 2016 data breach. “Uber Technologies, […]

Pierluigi Paganini April 13, 2018

$3.3 Million stolen from main Coinsecure Bitcoin wallet

Cryptocurrency exchange Coinsecure, India’s second exchange, announced that it has suffered a severe issue, 438 bitcoin, $3,3 million worth of bitcoin Cryptocurrency exchange Coinsecure, India’s second exchange, announced that it has suffered a severe issue, 438 bitcoin, $3,3 million worth of bitcoin, have been transferred from the main wallet to an account that is not under their control. CEO […]

Pierluigi Paganini April 12, 2018

APT33 devised a code injection technique dubbed Early Bird to evade detection by anti-malware tools

The Iran-linked APT33 group continues to be very active, security researchers at Cyberbit have discovered an Early Bird code injection technique used by the group. The Early Bird method was used to inject the TurnedUp malware into the infected systems evading security solutions. The technique allows injecting a malicious code into a legitimate process, it allows execution […]

Pierluigi Paganini April 12, 2018

CVE-2018-0950 flaw in Microsoft Outlook could be exploited to steal Windows Passwords

An 18-month-old CVE-2018-0950 vulnerability in Microsoft Outlook could be exploited by hackers to steal the Windows Password. Almost 18 months ago, the security researcher Will Dormann of the CERT Coordination Center (CERT/CC) has found a severe vulnerability in Microsoft Outlook (CVE-2018-0950), time is passed but Microsoft partially addressed it with the last Patch Tuesday updates. […]

Pierluigi Paganini April 12, 2018

Researchers discovered several flaws that expose electrical substations to hack

The ICS-CERT and Siemens published are warning organizations of security flaws in Siemens devices (SIPROTEC 4, SIPROTEC Compact, and Reyrolle devices) that could be exploited by hackers to target electrical substations. “Successful exploitation of these vulnerabilities could allow an attacker to upload a modified device configuration that could overwrite access authorization passwords, or allow an […]

1
2
982
983
984
985
986
1055
1056
1057