79 Netgear router models were just found containing a severe security vulnerability that could lead to remote control. More specifically, the vulnerability affects 758 firmware versions used in 79 Netgear router models. Netgear Routers Affected by Security Vulnerability The flaw…
The CHIMBORAZO hacking group which is an experienced criminal collective has devised a new infection method delivering the GraceWire Trojan. The hacking group is now able to deploy the malware using a technique that can automated security analysis. The GraceWire…
Remember the WikiLeaks scandal from 2017? An internal CIA report recently revealed what caused the massive data breach of confidential information to happen. It was the agency’s own inability to secure its systems, which led to the WikiLeaks leak of…
A dangerous new vulnerability has been discovered affecting millions of IoT devices, this time spanning across all major device types. The dangerous factor is that the issue mainly concerns older devices which are must more difficult to patch, or in…
Lamphone is a new side-channel attack that can be used to eavesdrop sound. The attack has been discovered by researchers Ben Nassi, Yaron Pirutin, Adi Shamir, and Yuval Elovici from Ben-Gurion University of the Negev and Weizmann Institute of Science.…
Millions of CCTV cameras and other IoT devices have been found to be vulnerable to hacking attacks using several security bugs, including the one tracked in the CVE-2019-11219 advisory. A large majority of them are the ones that are being…
A new report showcases serious vulnerabilities the modern GTP communication protocol deployed by mobile network operators. It is crucial to note that the GTP protocol is used to transmit user and control traffic on 2G, 3G, and 4G networks. This…
A vulnerability in the Facebook Messenger application for Windows was just discovered by Reason Labs security researchers. The vulnerability is present in Messenger version 460.16, and it could allow attackers to exploit the app to execute malicious files already present…
Computer criminals are using various phishing pages and other types of web content related to the Black Lives Matter protest movement and as a result deliver the Trickbot Trojan. This malware has been employed over the years as a main…
VPN Split Tunneling nowadays is an option or feature that is placed in all modern services. It has grown in use midst the COVID-19 pandemic as many remote workers use them in order to access security features. However a number…
The RIPlace ransomware bypass technique, discovered by security researchers in November 2019, has now been implemented by the Thanos ransomware family. This is the first case of RIPlace being utilized by ransomware. The technique relies on just a few lines…
CVE-2020-13777 is a vulnerability in GnuTLS, a widely adopted, open source library that implements Transport Layer Security. The vulnerability has been present in the library for nearly two years, making resumed TLS 1.3 sessions vulnerable to attack. The vulnerability, introduced…
Security researchers have published their findings about a new attack that can hijack data from Intel CPUs. This technique illustrates a new approach that can be used to hack into computers that are running the company’s processors. It is called…
June 2020 Patch Tuesday is Microsoft’s biggest so far, containing fixes for 129 vulnerabilities. On the positive side, despite being the largest Patch Tuesday in the history of the company, it doesn’t include fixes for zero-day bugs, meaning that none…
Microsoft has released a security update in the .NET core system which fixes the CVE-2020-1108 issue detected in the framework. This was a critical problem that resulted in the ability to conduct Denial of Service (DoS) attacks which can be…
A new security report indicates that the KingMiner crypto-mining operation is back in the game with new attacks against MSSQL (Microsoft SQL) databases. Owners of such databases should secure their servers, as Sophos researchers detected brute-force attacks attempting to guess…
A severe vulnerability, known under the CVE-2020-12695, has been discovered in a core protocol in nearly all IoT devices – the Universal Plug and Play (UPnP) protocol. The flaw, dubbed CallStranger could allow attackers to take over IoT devices in…
Honda has become the latest victim of the Snake ransomware, a particularly dangerous file encrypting virus which bestows the Ekans extension to the affected files. The hacking group who has organized the attack campaign has been able to shut down…
An unknown hacking group is organizing a dangerous phishing campaign; infected CV files are being used as carriers of the Zloader banking Trojan. The data is placed inside Microsoft Excel which when run will install the malware and run it…
An unknown hacking group is behind a new dangerous threat which is called the USBCulprit malware. It is designed to silently infiltrate secured systems that are air-gapped — this means that they will not be connected to the external network.…
