CVE-2021-3156 is a recently disclosed vulnerability that affects almost the entire Linux ecosystem. Security researchers from Qualys named the major flaw “Baron Samedit,” as it affects “sudoedit -s”. According to the official description, the vulnerability is a heap-based buffer overflow,…
Apple recently addressed three zero-day vulnerabilities in iOS, iPadOS. CVE-2021-1782, CVE-2021-1870, and CVE-2021-1871 could allow threat actors to perform privilege escalation and remote code execution attacks. The company says the vulnerabilities were likely exploited in the wild, without specifying the…
Security researchers discovered a new threat endangering Linux servers. Called DreamBus, the botnet is a new variant of a previously known malware known as SystemdMiner. It is noteworthy that DreamBus is more evolved when compared to SystemdMiner. Zscaler researchers warn…
This article will reveal the ten techniques used ever more frequently for committing digital advertisement fraud. From hijacking adverts to using bots, cybercriminals make money off the backs of ad publishers and the advertising industry. The attacks are increasing both…
Security researcher Pierre Kim reported at least 28 security vulnerabilities and backdoors in the firmware of the FiberHome Technologies’ FTTH ONT router. According to Shodan data, the router is commonly used in South America and Southeast Asia. “FiberHome Technologies is…
Cisco’s Small Business RV110W, RV130, RV130W, and RV215W routers contain 68 vulnerabilities. However, the company doesn’t plan on fixing them. Instead, “customers are advised to refer to the end-of-life notices for these products,” the advisory explained. What is causing the…
Security researchers recently uncovered a Russian scam operation that made more than $6.5 million from victims across the United States, Europe, and former Soviet countries. The so-called Classiscam scheme was discovered by Group-IB researchers who came across an automated scam-as-a-service…
Cybersecurity experts have been looking into ways to improve anti-ransomware protection. The latest enhancement in the field is already a fact. 11th Generation of Intel Core vPro Business-Class Processors Intel and Cybereason have combined their efforts to add anti-ransomware defenses…
For Microsoft and Windows users, 2021 starts off with a heavy Patch Tuesday, addressing a total of 83 security vulnerabilities. Microsoft fixed bugs in the Windows operating system and some issues in cloud-based products, enterprise servers, and developer tools. However,…
David Schütz, a security researcher, just published a report detailing a YouTube security vulnerability that could make private videos visible at reduced resolution. To exploit the flaw, an attacker would need to know (or guess) the video identifier. Of course,…
Sixteen vulnerabilities were discovered in the Nvidia GPU display driver and vGPU software, some of which severe. The vulnerabilities could lead to denial of service, escalation of privileges, data tampering, and information disclosure attacks. The Nvidia GPU display driver supports…
Users should patch several new browser vulnerabilities affecting Chrome, Firefox, and Edge. The vulnerabilities are rated critical and could allow attackers to hijack susceptible systems. It should be noted that the Firefox flaw identified as CVE-2020-16044 is separate from the…
The new year has started with a new strain of enterprise ransomware, and now a cryptocurrency malware. Discovered in December, ElectroRAT is a “wide-ranging operation targeting cryptocurrency users” on all major operating systems (Windows, macOS, and Linux). The malicious operation…
Are you using WhatsApp? Perhaps you are aware that Facebook owns the messaging application. Maybe this fact didn’t matter that much to the app’s dedicated users, but new Privacy Policy conditions are likely to change this attitude. WhatsApp is updating…
2021 starts with new ransomware. Called Babuk Locker, the ransomware was discovered by researcher Chuong Dong. The ransomware has attacked a small number of enterprise victims. Ransom demanded by Babuk Locker criminals varies between $60,000 and $85,000 in Bitcoin. “Since…
One of the latest significant data leaks has compromised the data of patients in the United States. Apex Laboratory, known for providing medical testing for individuals, doctors, and facilities in New York City, Long Island, and South Florida, suffered a…
T-Mobile has suffered a data breach. According to a company’s spokesperson, 0.2%, or approximately 200,000 of T-Mobile’s mobile customers were affected by an incident where phone numbers, number of lines subscribed to, and some call-related information may have been accessed.…
Security researcher Sreeram KL has reported a vulnerability in the feedback tool in Google services. The company has patched the flaw which could have allowed attackers to steal screenshots of sensitive Google Docs documents by embedding them in a malicious…
Operation SignSight is a new supply chain attack targeted against Vietnamese private companies. SignSight attackers are smart, aiming to embed malware inside an official government software toolkit. SignSight attacks aimed against the Vietnam Government Certification Authority The attack discovered and…
Two critical vulnerabilities (CVE-2020-29491 and CVE-2020-29492) with CVSS score of 10 were discovered in specific Dell Wyse this client devices. The vulnerabilities could be exploited in remote code execution attacks to access files on compromised devices, and were reported by…
