The latest security report from a research team sheds light on a very serious issue in cybersecurity — airplanes can be easily hacked by criminals. According to the released information this is not the result of a vulnerability, but of…
A radical new approach is being utilized by hackers who want to blackmail victims of their ransomware to pay them a decryption fee. The new strategy is to encrypt developer repositories on popular services like GitHub and BitBucket by breaking…
Personal and passport information belonging to more than 2.25 million citizens of Russia has been leaked through government websites. Information of government employees and politicians is also exposed, according to findings by Ivan Begtin, co-founder of a Russian NGO known…
Evasion of detection mechanisms used by security companies has always been a goal for cybercriminals. And it seems they have found a new way to improve these efforts. The new method is based on SSL/TLS signature randomization, and is given…
Microsoft’s May 2019 Patch Tuesday has already rolled out, containing fixes for 79 vulnerabilities in a number of products. The rollout also includes a security update for Windows XP and Server 2003, which were not included in the mainstream customer…
The North Korean hacker collective known as ScarCruft has been found to use a new infiltration device — a Bluetooth harvesting tool allowing them to acquire a lot of sensitive information about the victim devices. The group is alternatively known…
A race condition vulnerability tracked as CVE-2019-11815 has been found in Linux machines running distros with kernels prior to 5.0.8. The flaw could lead to a use after free, related to net namespace cleanup, exposing vulnerable systems to remote attacks,…
CVE-2019-1649 is a severe vulnerability in Cisco products. Also dubbed Thrangrycat, the exploit could allow attackers to implant persistent backdoor on a wide range of devices in enterprise and government networks. Devices could be routers, switches, and firewalls that support…
Are you a user of WhatsApp? If so, beware that a serious vulnerability in the application has been exploited. The flaw allowed hackers to compromise devices using a form of advanced spyware developed by Israeli company NSO Group. The vulnerability…
Information belonging to more than 10 million individuals in Australia has been affected in a single data breach. The disclosure of the event comes from the Office of the Australian Information Commissioner (OAIC). With current population of about 25.4million, this…
CVE-2019-5021 is a vulnerability in the Official Docker images based on the Alpine Linux distro. The flaw has been there for at least three years, allowing logging into the root account via a blank password. The bug was initially discovered…
An unknown hacker collective has been able to overcome the security defenses of Amazon by launching a successful fraud campaign. As a result funds were siphoned from merchant accounts. The ongoing investigation reveals that this is a high-impact crime as…
According to Q1 2019 Data Breach QuickView Report conducted by Risk Based Security, a total of 1903 publicly disclosed data breaches have been registered in the first three months of the year. These breaches exposed more than 1.9 billion records…
The CIA is actively working on expanding its presence on the Internet enabling users to contact the agency. This is an important factor as any user should be able to reach them in order to pass on information. The latest…
Credit card data is once again in danger of being stolen due to active campaign involving more than a hundred e-commerce websites. Qihoo 360’s NetLab researchers came across an ongoing campaign targeting credit card details while observing www.magento-analytics[.]com, a malicious…
A major data breach has affected Freedom Mobile, the fourth biggest Canadian telecommunications provider. The data breach may have exposed sensitive information of thousands of customers. Freedom Mobile Data Breach Could Be Canada’s Biggest Leak The leak was discovered by…
The popular UC Browser and UC Browser Mini Apps for Android are vulnerable to address spoofing attacks. The current status of the vulnerability discovered by security researcher Arif Khan is unpatched, and it doesn’t have a CVE assigned yet. More…
Cisco has patched yet another critical vulnerability outlined as CVE-2019-1867. CVE-2019-1867 is a security flaw located in the REST API of Cisco Elastic Services Controller (ESC) that could allow an unauthenticated, remote attacker to bypass authentication on the REST API,…
A cryptocurrency heist of great proportion has hit one of the major global exchanges. Binance has confirmed that it lost approximately $41 million in Bitcoin in the largest attack that has hit the company so far. Hackers Stole User API…
IoT devices are convenient but they are far from secure and harmless, and there’s another report that proves this fact. Apparently, IoT devices contain design flaws that can allow third parties to prevent them from sharing information. Related: [wplinkpreview url=”https://sensorstechforum.com/iot-security-m2m-protocols-abuse/”]…
