Vulnerabilities

CLDAP Protocol Allows DDoS Attacks with 70x Amplification Factor

In a report released on Tuesday, Akamai says it spotted DDoS attacks leveraging the CLDAP protocol for the first time, and attacks using this protocol have the potential to incur serious damage, based on the opinion of its experts. The CLDAP protocol, defined by RFC 1798 and replaced by RFC 3352, is an alternative to […]

A Remote Attack on the Bosch Drivelog Connector Dongle

In this blog post, I discuss the vulnerabilities of the Bosch Drivelog Connector OBD-II dongle found by the Argus Research Team. The vulnerabilities allowed us to stop the engine of a moving vehicle using the Drivelog platform. On February 20th, 2017, in accordance with Argus’ responsible disclosure policy, upon uncovering the vulnerabilities we informed Bosch […]

‘HIGH RISK’ ZERO DAY LEAVES 200,000 MAGENTO MERCHANTS VULNERABLE

A popular version of the open source Magento ecommerce platform is vulnerable to a zero-day remote code execution vulnerability, putting as many as 200,000 online retailers at risk. The warning comes from security firm DefenseCode, which found and originally reported the vulnerability to Magento in November. “During the security audit of Magento Community Edition, a […]

Copy-Pasting Sundown Exploit Kit Has Been Offline for More Than a Month

King of copy-paste exploits, the Sundown exploit kit, has been offline since March 8, and this also includes most of its variations, according to security researcher Kaffeine and Jérôme Segura of Malwarebytes. While exploit kit operators have taken vacations in the past, they never lasted this long, and these were usually during the winter holidays […]

Microsoft Word 0-day was actively exploited by strange bedfellows

Same exploit used by malware crooks and nation-sponsored hackers targeting Russians. A critical Microsoft Word zero-day that was actively exploited for months connected two strange bedfellows, including government-sponsored hackers spying on Russian targets and financially motivated crooks pushing crimeware. That assessment, made Wednesday with “moderate confidence” from researchers at security firm FireEye, is all the […]

SAP UPDATES TWO-YEAR-OLD PATCH FOR TREX VULNERABILITY

SAP has issued an updated patch for a code-injection vulnerability affecting the TREX search engine integrated into more than a dozen SAP products, including the old NetWeaver application integration platform and the SAP HANA database. The flaw was originally found in 2015 and patched in SAP HANA, the company’s in-memory data analysis and database infrastructure. […]

MICROSOFT PATCHES THREE VULNERABILITIES UNDER ATTACK

Microsoft today patched a zero-day Word vulnerability that has been publicly attacked along with deploying fixes for Internet Explorer, Microsoft Edge and Windows 10. In all, nine Microsoft products received updates totaling 45 unique CVEs. Three of the vulnerabilities among Tuesday’s updates, according to Microsoft, are under active attack. One of the bugs (CVE-2017-0199) […]

Adobe Publishes Security Updates for Flash, Reader, Photoshop, and Creative Cloud

Earlier today, Adobe has released security patches for several of its applications, including Adobe Flash Player, Adobe Campaign, Adobe Photoshop CC, the Creative Cloud Desktop Application, and Adobe Acrobat and Reader. While all the Adobe security bulletins released today include important patches, the ones affecting Flash, Acrobat/Reader, and Photoshop, are worrisome, mainly due to the […]

RIVERBED PATCHES VULNERABILITIES IN APPLICATION MONITORING PORTAL

Riverbed Technology has patched four serious vulnerabilities in its SteelCentral portal, a centralized application performance monitoring platform. The flaws could allow an attacker to access critical application data and move through the network to other Riverbed agents feeding data into the central platform. An attacker would need to be on the network already to exploit […]

Longhorn Cyber-Espionage Group Is Actually the CIA

Security researchers from Symantec have tied the CIA hacking tools leaked by WikiLeaks last month to a cyber-espionage group responsible for at least 40 hacks in 16 countries. The group’s activity came to light in 2014, when security researchers from Symantec first identified attacks from a common actor that appeared to have the backing of […]

Epic Fail: TP-Link 3G Router Spews Admin Password via SMS

A particular TP-Link router model will spew out its admin password in cleartext to anyone who sends an SMS message to the router’s SIM card with a particular script inside, according to German security researcher Jan Hörsch, who shared his findings with German newspaper Heise.de. The vulnerability affects TP-Link model M5350, a 3G mobile Wi-Fi […]

Critical Office Zero-Day Attacks Detected in the Wild

At McAfee, we have put significant efforts in hunting attacks such as advanced persistent threats and “zero days.” Yesterday, we observed suspicious activities from some samples. After quick but in-depth research, this morning we have confirmed these samples are exploiting a vulnerability in Microsoft Windows and Office that is not yet patched. This blog post […]

New Zero Day Attack Discovered in MS Word Document Uses to Hack your PC – Still Not yet Patched

MS Word documents are one of the main vectors for easily spreading macro viruses to victims. An undisclosed vulnerability has been discovered in Microsoft Office RTF (Rich Text Format) documents. FireEye security researchers said this vulnerability allows a malicious actor to execute a Visual Basic script when the user opens a document containing an embedded exploit. This vulnerability found […]

Australian Dark Web Hacking Campaign Unmasked Hundreds Globally

The investigation into The Love Zone child pornography site was much larger in scope than previously thought. Last year, Motherboard found Australian authorities had unmasked Tor users in the US as part of a child pornography investigation. Judging by court documents, Australian authorities sent targets a hyperlink to a video that, when clicked, would give […]

Ransomware Gang Made Over $100,000 by Exploiting Apache Struts Zero-Day

For more than a month, at least ten groups of attackers have been compromising systems running applications built with Apache Struts and installing backdoors, DDoS bots, cryptocurrency miners, or ransomware, depending on whether the machine is running Linux or Windows. For their attacks, the groups are using a zero-day in Apache Struts, disclosed and immediately fixed […]

Linux-based Tizen OS Is Easily Hackable — Samsung’s Open Source Android Replacement

Short Bytes: There are good chances that you might’ve heard about Samsung’s Android replacement Tizen OS. Recently, an Israeli researcher uncovered 40 zero-days in this Linux-based open source OS. As most of the flaws can enable remote code execution, they are very critical. While Samsung refused to acknowledge the findings initially, it has recently promised to mitigate […]

Hackers Empty ATMs by Drilling One Small Hole

Hackers are using a combination of low and high-tech attacks to make ATMs spit out cash, according to Kaspersky researcher Igor Soumenkov, who presented this novel attack at this year’s Security Analyst Summit, taking place in St. Maarten this week. These attacks first started last year, when several banks in Europe and Russia discovered empty […]