PDFex is the name of a new type of attack that is built by German researchers from several universities, to prove that the PDF encryption is quite vulnerable. PDFex was tested against 27 desktop and web PDF viewers, such as…
A number of high-severity vulnerabilities were unearthed in Cisco IOS and IOS XE network automation software. One of the flaws affects the company’s industrial and grid routers, making the impact incomprehensible. Severe Cisco IOS and IOS XE Vulnerabilities Discovered According…
Ransomware has been known to leverage various known vulnerabilities to gain access to systems. Some vulnerabilities are more common in ransomware attacks, so security researchers at RiskSense decided to analyze the most common ones which are used across multiple families…
An unknown hacking group which is suspected to originate from China has been found to launch a massive attack globally using a Trojanized version of the Narrator service with the PcShare malware. This is particularly dangerous as the ongoing campaign…
Cybercriminals appear to be working on a new way to steal payment card data. According to IBM security researchers, a group of hackers is currently developing malicious scripts to use against commercial-grade Layer 7 (L7) routers. This would entirely change…
A new zero-day vulnerability, CVE-2019-16759, was just unearthed in vBulletin, a proprietary Internet forum software package. The vulnerability was discovered by an anonymous security researcher who published the details about the exploit online, thus exposing vBulletin users to plenty of…
The campaign against malware is ongoing – this is still one of the largest forms of cyberattacks affecting businesses and individuals across the world. To give an idea of the scale of the issue, in early 2019, a team of…
CVE-2019-1367 is a new zero-day vulnerability of the remote code execution kind, for which an emergency patch was just issued. The bug could allow attackers to perform remote attacks with the purpose of gaining access over a system. The vulnerability…
Ransomware continues to be a top threat to both individuals and enterprises. And protection against it is more important than ever. So, it is definitely good news that Cameyo, an application virtualization software-as-a-service platform, is launching a new RDP Port…
To our greatest concern, the services we use daily often become part of data breaches and data leaks, in which our personal details are exposed to cybercriminals. Banks, airlines, hotels, various organizations put our information at risk in databases that…
Small to mid-sized businesses (SMBs) are more targeted by cybercriminals than ever, according to a new AlertLogic report. However, there is a way for SMBs to be protected and it involves cushioning the ports that cyber attackers target the most.…
Skidmap is a new cryptomining malware (cryptominer) that uses loadable kernel modules (LKMs) to sneak into Linux systems. The malware is capable of hiding its malicious activities by displaying fake network traffic stats. According to Trend Micro researchers, who stumbled…
Simjacker is a new set of vulnerabilities that, researchers say, have been exploited for the purpose of surveillance for at least 2 years. The Simjacker vulnerabilities appear to be rather sophisticated and complex, in comparison with previously disclosed attacks over…
The InnfiRAT Malware is a newly discovered threat which includes a sophisticated cryptocurrency theft module. It is written using the .NET framework and targets Windows machines in particular. Cryptocurrency Holders Under Attack By The InnfiRAT Malware Security researchers have discovered…
The PsiXBot malware is an advanced threat that contains several dangerous modules that set it apart from other similar malware of its type. Among them is a sextortion blackmail component that can be very effective against its intended victims. The…
Two zero-day vulnerabilities were fixed in Microsoft’s September 2019 Patch Tuesday – CVE-2019-1214 and CVE-2019-1215. In total, 80 vulnerabilities were fixes of which 17 were listed as critical, and the rest – important. More about CVE-2019-1214 and CVE-2019-1215 Apparently, both…
The Windows Update mechanisms through the Windows Background Intelligent Transfer Service (BITS) has been found to deliver the dangerous Stealth Falcon malware. This is the default any of applying updates to the Microsoft Windows operating system. A complex strategy is…
Cybersecurity researchers have outlined a new type of attack involving Intel server-grade processors since 2012. The attack is based on a vulnerability named NetCAT (Network Cache Attack). The vulnerability could allow sniffing data by mounting a side-channel attack over the…
How much exactly does Facebook know about us? No one would argue the pervasiveness of the social network and its impact on our lives. But do we fully comprehend the amounts of personal, highly sensitive information that Facebook gets hold…
Patch gapping is a serious issue that puts a system at risk of exploits. The problem stems from a gap in time before a patch of a security vulnerability in an open-source software is shipped to users. The vulnerability may…
