Google published its second Threat Analysis Group (TAG) report which reveals the company has taken down ten coordinated operations in Q2 2020. Google has published its second Threat Analysis Group (TAG) report, a bulletin that includes coordinated influence operation campaigns tracked in Q2 of 2020. Google revealed to have taken down ten coordinated operations in […]
The United States National Security Agency (NSA) is warning of risks posed by location services for staff who work in defence or national security. The United States National Security Agency (NSA) published a new guide to warn of the risks posed by location services for staff who work in defence or national security. The guide, titled […]
Security researchers from threat intelligence firm Cyble have discovered user records of American online food ordering and delivery platform UberEats on DarkWeb. Another day, another data breach made the headlines, this time the alleged victim is UberEATS. UberEats is an American online food ordering and delivery platform launched by Uber in 2014. During the process […]
Red Hat is warning customers to not install the package updates released to address the BootHole vulnerability due to possible problems reported by the users. This week, firmware security company Eclypsium reported that billions of Windows and Linux devices are affected by a serious GRUB2 bootloader issue (CVE-2020-10713), dubbed BootHole, that can be exploited to install a […]
Experts spotted an undetectable Linux malware that exploits undocumented techniques to evade detection and targets publicly accessible Docker servers Cybersecurity researchers at Intezer spotted a new completely undetectable Linux malware, dubbed Doki, that exploits undocumented evasion techniques while targeting publicly accessible Docker servers. The ongoing Ngrok mining botnet campaign is targeting servers are hosted on popular cloud platforms, including Alibaba […]
A new version of the REMnux Linux toolkit for malware analysts is available for download, it includes a huge set of tools for professionals. REMnux is a Linux toolkit for reverse-engineering and dissecting software, it includes a collection of free tools created by the community that allows researchers to investigate malware. The toolkit was first […]
Peripheral devices with unsigned firmware can expose Windows and Linux machines to hack, warn experts from firmware security firm Eclypsium. Experts at firmware security firm Eclypsium have discovered that many peripheral device manufacturers have not implemented security checks to prevent the installation of firmware from an untrusted source. An attacker could exploit the lack of […]
A researcher has publicly released some proof-of-concept (PoC) exploits and technical details for flaws in Cisco’s Data Center Network Manager (DCNM). Early this month, Cisco released security updates for its Cisco’s Data Center Network Manager (DCNM) product that address several critical and high-severity vulnerabilities. All the vulnerabilities were reported to Cisco through Trend Micro’s Zero Day Initiative (ZDI) and Accenture’s iDefense service […]
A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. Experts found 17 apps in the Apple App Store infected […]
Maintainers at the PHP programming language have released new versions that address multiple flaws, including some code execution issues. The development team behind the PHP programming language recently released new versions of PHP to address multiple high-severity vulnerabilities in its core and bundled libraries. The most severe flaw could be exploited by a remote attacker […]