Tripwire VERT has identified a stack-based buffer overflow in SonicWall Network Security Appliance (NSA). The flaw can be triggered by an unauthenticated HTTP request involving a custom protocol handler. The vulnerability exists within the HTTP/HTTPS service used for product management as…
Microsoft will block installation of incorrect third-party drivers for Windows 10 and Windows Server users. According to the plan, this will save you from unnecessary compatibility problems and unexpected bugs. “When installing drivers created by third-party companies, users may see…
The researchers modified the firmware of XR11 so that the microphone could be turned on remotely. Guardicore found a number of vulnerabilities in the XR11 remote control for Xfinity subscribers (a subsidiary of U.S. telecommunications corporation Comcast). According to them,…
Malwarebytes experts have discovered a hack group that engages in cyber-espionage and abuses the Windows Error Reporting (WER) functionality to conduct file-free attacks. In general, using WER to bypass protection is not a new tactic, but now it seems to…
The TeamTNT cybercriminal group has recently updated its malicious program with cryptomainer features. The network worm can now steal passwords from victims and more easily spread to other devices with an additional network scanner. TeamTNT is best known for its…
Juniper experts identified numerous malicious campaigns that are used to deliver payload paste sites (instead of conventional C&C servers). Thus, hackers hide their malicious code in plain sight and, among other things, save on infrastructure. The researchers write that the…
An unidentified cybercriminal group injects malicious code into a legitimate Windows Error Reporting (WER) service as part of a dangerous fileless attack. This technique helps bypass detection by protective means. Frankly speaking, WER operation is not such a new method,…
Dangerous vulnerabilities were detected in Pepperl+Fuchs industrial switches Comtrol RocketLinx (CVE-2020-12500, CVE-2020-12501, CVE-2020-12502, CVE-2020-12503 and CVE-2020-12504). Operation of some of them allows for full control over the device The problems were discovered by security researchers from the Austrian IT company…
According to security researchers, two iPhone jailbreak exploits can hack into Mac and MacBook with the latest Apple T2 security chips. The technique of hacking Apple computers with two iPhone jailbreaks is very complex, and its discussion for several weeks…
Security researchers from CyberArk Labs have identified vulnerabilities in popular antivirus products. In case of successful exploitation these gaps allow attackers to increase rights in the system. Since antiviruses work with elevated privileges, flaws in their code can be especially dangerous….
According to Palo Alto Networks specialists, malicious activity was detected on some sites with the highest traffic. According to the results of research by Palo Alto Networks specialists, a large number of popular sites from the top 10,000 Alexa ranking…
Cybercriminals attack Windows 7 users, using as bait the free upgrade to a more modern version of the operating system – Windows 10. In fact, the attackers are trying to steal the records of the victims. As of October 2020,…
Vulnerabilities in Cisco IOS XE software, WordPress plug-ins, FoxRider software etc. were detected. Cisco Systems has fixed several vulnerabilities ( CVE-2020-3141 and CVE-2020-3425 ) in its IOS XE software. Their exploitation allowed the remote attacker to increase privileges on the…
Cyber-crime group APT-C-23 (other names Two-Tailed Scorpion and Desert Scorpion) armed with a new version of spyware for Android devices with an updated C& C-strategy and advanced spy functionality for tracking users of WhatsApp and Telegram. Currently, the malware Android/SpyC32.A…
In Firefox for Android serious vulnerability in the implementation of the protocol SSDP, used to detect network services on the local network. The vulnerability allows an attacker located on the same LAN or wireless network to respond to Firefox test…
Scientists have created a technique by which the computer can track signals from the human brain, as well as simulate visual perception. Thanks to this artificial intelligence has learned to demonstrate previously unknown information, published the journal Scientific Reports. The…
Source code for several operating systems, including Windows XP and Windows Server 2003, leaked to 4chan as a 42.9 gb torrent file The content of this torrent file includes source code for several older Microsoft operating systems, such as Windows…
Passwords as a means of protecting user data are completely outdated. You can pick up any of them in a few minutes using cloud computing, and the service for decrypting hashed passwords can be found in Google or Yandex in…
From October 13th Google cloud service will automatically delete files that have been in the shopping cart for more than 30 days. This should be known to users who store digital garbage on “Disk” in the hope that it may…
For several months WhatsApp has been testing the function of sending media files, which should be automatically deleted for all chat participants after the specified timer. The first mention of this innovation appeared in early March. Now, with the release…
Europol has launched a website that not only identifies the software used by extortionists, but also provides over a hundred decryptors. According to the Europol Center for Combating Cybercrime (EC3), extortion software is currently one of the major cyber threats…
Attackers can take advantage of some GoogleAppEngine features to dynamically generate an infinite number of subdomains, which will be considered safe by most corporate antiviruses. Google App Engine Problems Cyber security researcher Marcel Afrahim described a technique for transforming the…
In the last two weeks it became known about two vulnerabilities in Bluetooth wireless communication standard. First, on September 9th the Bluetooth SIG organization issued a warning about the BLURtooth family of attacks. In theory, the vulnerability in the Bluetooth…
