Security firm Guardicore released technical information on a critical VMware vCenter Server vulnerability recently disclosed by VMware. Earlier this month, VMware has addressed a critical information disclosure flaw, tracked as CVE-2020-3952, that could be exploited by attackers to compromise vCenter Server or other services that use the Directory Service (vmdir) for authentication. The CVE-2020-3952 vulnerability […]
Developers of the popular WordPress GDPR Cookie Consent plugin have addressed a critical bug that could potentially impact 700K users. Critical vulnerabilities in the WordPress GDPR Cookie Consent plugin could be exploited by potential attackers to delete and change the content of the sites and inject malicious JavaScript code due to improper access controls. The GDPR Cookie Consent plugin assists users […]
The operators behind the infamous RobbinHood ransomware are exploiting a vulnerable GIGABYTE driver to kill antivirus products. Cybercriminals behind the RobbinHood Ransomware are exploiting a vulnerable GIGABYTE driver to install a malicious and unsigned driver into Windows with the intent of disabling security products. Ransomware operators leverage a custom antivirus killing package that is delivered to workstations […]
Apple has released an emergency patch in iOS 12.4.1 that addresses the CVE-2019-8605 use-after-free vulnerability that allowed iPhone jailbreak. Recently, Apple accidentally unpatched a vulnerability it had already fixed, making current versions of iOS vulnerable to hackers and allowing the jailbreak of the devices. Experts discovered that the iOS version 12.4 released in June has reintroduced a security […]
Cisco released security patches to address 17 critical and high-severity vulnerabilities affecting some Cisco Unified Computing products (UCS and IMC). Cisco has released security fixes to address 17 critical and high-severity vulnerabilities affecting some Cisco Unified Computing products. Most of the flaws affect the Integrated Management Controller (IMC) that is a baseboard management controller that […]
Problems for the popular file transfer service WeTransfer, its staff discovered that some file transfer emails were sent to the wrong people. WeTransfer, the popular file transfer service, issued a security notice to inform users that file transfer emails were sent to unintended email addresses on June 16 and 17. In response to the incident, […]
NASA Office of Inspector General revealed that the Agency’s network was hacked in April 2018, intruders exfiltrated roughly 500 MB of data related to Mars missions. According to a report published by the NASA Office of Inspector General, hackers breached the Agency’s network in April 2018 and remained undetected for nearly a year. The report […]
Security researchers at Cofense have spotted a phishing campaign aimed at commercial banking customers distributing a new remote access trojan (RAT) tracked as WSH RAT. Security experts at Cofense Phishing Defence Center have spotted a phishing campaign aimed at commercial banking customers that is distributing a new remote access trojan tracked as WSH RAT. The […]
Guardicore Labs uncovered a widespread cryptojacking campaign tracked as Nansh0u and aimed at Windows MS-SQL and PHPMyAdmin servers. Security experts at Guardicore Labs uncovered a widespread cryptojacking campaign leveraging a malware dubbed Nansh0u. The malicious code aimed at Windows MS-SQL and PHPMyAdmin servers worldwide. According to the experts, the malicious campaign is being carried out […]
A new batch of 127 million records appears in the dark web, this time the huge trove of data appears to be originated from eight companies. A hacker that goes online with the moniker ‘gnosticplayers‘ is offering for sale the data on the Dream Market marketplace asking $14,500 worth of Bitcoin. Early this week, the […]