A severe privilege escalation vulnerability, tracked as CVE-2020-11492, has been addressed in the Windows Docker Desktop Service. Cybersecurity researchers from Pen Test Partners publicly disclosed a privilege escalation vulnerability in the Windows Docker Desktop Service. The CVE-2020-11492 issue affects the way the service uses named pipes when communicating as a client to child processes. “Docker Desktop for […]
ZLab researchers spotted a new malicious espionage activity targeting Italian companies operating worldwide in the manufacturing sector. Introduction During our Cyber Threat Intelligence monitoring we spotted new malicious activities targeting some Italian companies operating worldwide in the manufacturing sector, some of them also part of the automotive production chain. The group behind this activity is […]
Experts from the Microsoft Security Intelligence team provided some details on a new “massive campaign” using COVID-19 themed emails. Researchers from the Microsoft Security Intelligence team provided some details on a new massive phishing campaign using COVID-19 themed emails. The messages used weaponized Excel documents, the IT giant observed a spike in the number of […]
The Winnti hacking group continues to target gaming industry, recently it used a new malware named PipeMon and a new method to achieve persistence. Winnti hacking group is using a new malware dubbed PipeMon and a novel method to achieve persistence in attacks aimed at video game companies. The Winnti group was first spotted by Kaspersky […]
Santander Consumer Bank, the Belgian branch of the bank, had a misconfiguration in its blog domain that was allowing its files to be indexed. Our new research recently discovered a security issue with Santander, the 5th largest bank in Europe and the 16th largest in the world. This Spanish multinational bank controls approximately $1.4 trillion in […]
Meal delivery service Home Chef has confirmed that it recently suffered a security breach that exposed its customer information. Meal delivery service Home Chef has disclosed a data breach that exposed its customer information. Home Chef also explained that only a portion ot its customers were impacted in the security incident. In early May, Shiny […]
Thousands of Israeli websites have been defaced earlier today, hackers published an anti-Israeli message on their homepage and attempted to implant malicious code. A massive hacking campaign defaced thousands of Israeli websites, attackers published an anti-Israeli message on their homepage and attempted to inject a malware seeking permission to access visitors’ webcams. âBe ready for […]
Cybersecurity researchers uncovered an Iranian cyber espionage campaign conducted by Chafer APT and aimed at critical infrastructures in Kuwait and Saudi Arabia. Cybersecurity researchers from Bitdefender published a detailed report on an Iranian cyber espionage campaign directed against critical infrastructures in Kuwait and Saudi Arabia. The cyber espionage campaigns were carried out by Iran-linked Chafer […]
Japan continues to investigate a cyberattack that hit this year Mitsubishi Electric Corp., it suspects a possible leak of data including details of a prototype missile. Japan is still investigating a cyberattack that was disclosed by Mitsubishi Electric Corp. early this year. In January, the company disclosed a security breach that might have exposed personal and confidential corporate data, […]
VMware has addressed a high-severity remote code execution vulnerability, tracked as CVE-2020-3956, that affects its Cloud Director product. VMware has patched a high-severity remote code execution vulnerability, tracked as CVE-2020-3956, in its Cloud Director product. The vulnerability is a code injection issue that could be exploited by an authenticated attacker to send malicious traffic to […]