The North Korean hacker collective known as ScarCruft has been found to use a new infiltration device — a Bluetooth harvesting tool allowing them to acquire a lot of sensitive information about the victim devices. The group is alternatively known…
A race condition vulnerability tracked as CVE-2019-11815 has been found in Linux machines running distros with kernels prior to 5.0.8. The flaw could lead to a use after free, related to net namespace cleanup, exposing vulnerable systems to remote attacks,…
CVE-2019-1649 is a severe vulnerability in Cisco products. Also dubbed Thrangrycat, the exploit could allow attackers to implant persistent backdoor on a wide range of devices in enterprise and government networks. Devices could be routers, switches, and firewalls that support…
Are you a user of WhatsApp? If so, beware that a serious vulnerability in the application has been exploited. The flaw allowed hackers to compromise devices using a form of advanced spyware developed by Israeli company NSO Group. The vulnerability…
Information belonging to more than 10 million individuals in Australia has been affected in a single data breach. The disclosure of the event comes from the Office of the Australian Information Commissioner (OAIC). With current population of about 25.4million, this…
CVE-2019-5021 is a vulnerability in the Official Docker images based on the Alpine Linux distro. The flaw has been there for at least three years, allowing logging into the root account via a blank password. The bug was initially discovered…
An unknown hacker collective has been able to overcome the security defenses of Amazon by launching a successful fraud campaign. As a result funds were siphoned from merchant accounts. The ongoing investigation reveals that this is a high-impact crime as…
According to Q1 2019 Data Breach QuickView Report conducted by Risk Based Security, a total of 1903 publicly disclosed data breaches have been registered in the first three months of the year. These breaches exposed more than 1.9 billion records…
The CIA is actively working on expanding its presence on the Internet enabling users to contact the agency. This is an important factor as any user should be able to reach them in order to pass on information. The latest…
Credit card data is once again in danger of being stolen due to active campaign involving more than a hundred e-commerce websites. Qihoo 360’s NetLab researchers came across an ongoing campaign targeting credit card details while observing www.magento-analytics[.]com, a malicious…
A major data breach has affected Freedom Mobile, the fourth biggest Canadian telecommunications provider. The data breach may have exposed sensitive information of thousands of customers. Freedom Mobile Data Breach Could Be Canada’s Biggest Leak The leak was discovered by…
The popular UC Browser and UC Browser Mini Apps for Android are vulnerable to address spoofing attacks. The current status of the vulnerability discovered by security researcher Arif Khan is unpatched, and it doesn’t have a CVE assigned yet. More…
Cisco has patched yet another critical vulnerability outlined as CVE-2019-1867. CVE-2019-1867 is a security flaw located in the REST API of Cisco Elastic Services Controller (ESC) that could allow an unauthenticated, remote attacker to bypass authentication on the REST API,…
A cryptocurrency heist of great proportion has hit one of the major global exchanges. Binance has confirmed that it lost approximately $41 million in Bitcoin in the largest attack that has hit the company so far. Hackers Stole User API…
IoT devices are convenient but they are far from secure and harmless, and there’s another report that proves this fact. Apparently, IoT devices contain design flaws that can allow third parties to prevent them from sharing information. Related: [wplinkpreview url=”https://sensorstechforum.com/iot-security-m2m-protocols-abuse/”]…
Artificial Intelligence is a branch of computer science that highlights the invention of smart computers that act and work like human beings. The potentiality of machines to adjust to new data, learn from past events and perform tasks like humans…
We’ve detected a new scam that’s currently being spread in the wild, which is using the “Email Deactivation for [recipient’s email address]” subject line. Email Deactivation Scam: More Details The scam appears to be sent from an alleged Email Administrator,…
CVE-2019-3719 is an RCE vulnerability in Dell’s SupportAssist Client software. The bug could allow remote unauthenticated attackers on the same Network Access layer to execute arbitrary code on vulnerable Dell machines. Here’s the official description of CVE-2019-3719: Dell SupportAssist Client…
While the dangers of modern online life are well-documented, many website owners simply do not believe that their website contains information worth hacking into. But the realities of modern website hacking go well beyond stealing data and modifying layouts. In…
Another day, another vulnerability. The cybersecurity mantra is giving us another serious issue in Oracle WebLogic Server. The vulnerability, identified as CVE-2019-2568, is easily exploitable and can allow an attacker with low privileges and network access via HTTP to compromise…
