Security  

  •  
  • By Sergiu Gatlan
  • December 13th, 2018
Samsung Patches CSRF Issues That Could Allow Hackers to Take Over User Accounts

Samsung Patches CSRF Issues That Could Allow Hackers to Take Over User Accounts

The researcher who found the bugs got a $13,300 bounty

  •  
  • By Sergiu Gatlan
  • December 13th, 2018
US Treasury Officials' Emails Targeted by Charming Kitten Iranian Hacking Group

US Treasury Officials' Emails Targeted by Charming Kitten Iranian Hacking Group

Phishing attacks also aimed at activists and journalists

  •  
  • By Sergiu Gatlan
  • December 13th, 2018
Cybercrooks Steal $1 Million from Save the Children Charity via BEC Attack

Cybercrooks Steal $1 Million from Save the Children Charity via BEC Attack

The international NGO still has to recover $112,000

  •  
  • By Sergiu Gatlan
  • December 13th, 2018
WordPress Fixes Critical PHP Object Injection Issue Leading to Code Execution

WordPress Fixes Critical PHP Object Injection Issue Leading to Code Execution

Information disclosure bug with high CVSS score also patched

  •  
  • By Sergiu Gatlan
  • December 13th, 2018
Personal Info of 540K People Exposed in French Ministry Website Breach

Personal Info of 540K People Exposed in French Ministry Website Breach

Names, phone numbers and email addresses stolen

  •  
  • By Sergiu Gatlan
  • December 12th, 2018
phpMyAdmin Fixes Severe Local File Inclusion Vulnerability

phpMyAdmin Fixes Severe Local File Inclusion Vulnerability

XSRF/CSRF and XSS security issues also patched

  •  
  • By Sergiu Gatlan
  • December 12th, 2018
Operation Sharpshooter Uses Fileless Malware to Attack Global Infrastructure

Operation Sharpshooter Uses Fileless Malware to Attack Global Infrastructure

Actor uses recruiting lure for collection and exfiltration

  •  
  • By Sergiu Gatlan
  • December 12th, 2018
Campaign Drops Coinminer on Linux Boxes Using Old Elasticsearch Vulnerabilities

Campaign Drops Coinminer on Linux Boxes Using Old Elasticsearch Vulnerabilities

Actors pivot to other network devices from infected machines

  •  
  • By Sergiu Gatlan
  • December 12th, 2018
PayPal's Customers Most Targeted by Phishing Campaigns During 2018, Says Report

PayPal's Customers Most Targeted by Phishing Campaigns During 2018, Says Report

60% of phishing emails contain malicious attachments

  •  
  • By Sergiu Gatlan
  • December 12th, 2018
Large Organizations Face Up to Several Million Targeted Bot Attacks per Day

Large Organizations Face Up to Several Million Targeted Bot Attacks per Day

Some botnets are capable of a million attacks per hour

  •  
  • By Sergiu Gatlan
  • December 12th, 2018
Crooks Use Spoofed Critical Russian Infrastructure Domains to Mimic State APT

Crooks Use Spoofed Critical Russian Infrastructure Domains to Mimic State APT

RedControle backdoor chosen as the group's weapon of choice

  •  
  • By Sergiu Gatlan
  • December 12th, 2018
Health and Retail Sectors Targeted by CapitalInstall Malware Campaign

Health and Retail Sectors Targeted by CapitalInstall Malware Campaign

Payload dropped via Azure hosted drive-by-download links

  •  
  • By Sergiu Gatlan
  • December 11th, 2018
Novidade Exploit Kit Actively Targeting SOHO and Home Routers

Novidade Exploit Kit Actively Targeting SOHO and Home Routers

Malware campaign uses CSRF to change routers' DNS settings

  •  
  • By Sergiu Gatlan
  • December 11th, 2018
Microsoft Fixes Nine Critical Vulnerabilities in December 2018 Patch Tuesday

Microsoft Fixes Nine Critical Vulnerabilities in December 2018 Patch Tuesday

Twenty nine other security issues were rated as "Important"

  •  
  • By Sergiu Gatlan
  • December 11th, 2018
Adobe Patches 39 Cross-Platform Critical Security Issues in Acrobat and Reader

Adobe Patches 39 Cross-Platform Critical Security Issues in Acrobat and Reader

Multiple code execution and privilege escalation bugs fixed

  •  
  • By Sergiu Gatlan
  • December 11th, 2018
ESET Unearths Android Trojan That Steals Funds from 2FA-Secured PayPal Accounts

ESET Unearths Android Trojan That Steals Funds from 2FA-Secured PayPal Accounts

The Android malware can steal funds in under 5 seconds

  •  
  • By Sergiu Gatlan
  • December 11th, 2018
Third-Party Investigation Finds No Malicious Chips on Supermicro Motherboards

Third-Party Investigation Finds No Malicious Chips on Supermicro Motherboards

No malicious hardware found by customers, US agencies either

 
Want more? Browse: