Security Affairs

MARCH 20, 2020

Pwn2Own 2020 Day 2 -Participants earned a total of $90,000 for exploits targeting Oracle VirtualBox, Adobe Reader and Windows. Pwn2Own — Zero Day Initiative (@thezdi) March 19, 2020. On Day 2 of the Pwn2Own there ware also some failures, the Synacktiv team attempted to hack VMware Workstation without success.

Hacking 101

Hacking Advertising Information Security 101

Security Affairs

JULY 23, 2020

CVE-2020-1147 is a critical vulnerability in.NET Framework, SharePoint, and Visual Studio that was recently addressed by Microsoft with the release of the July 2020 Patch Tuesday security updates. The CVE-2020-1147 vulnerability impacts.NET Core 2.1,NET The CVE-2020-1147 vulnerability impacts.NET Core 2.1,NET

Hacking 114

Hacking Advertising Software Information Security 114

Security Affairs

MAY 27, 2021

Cyber attacks against the agency’s systems are not rare events, threat actors could attempt to steal critical information with sophisticated operations, and for this reason, it is essential for the agency to detect and mitigate them. SecurityAffairs – hacking, National Aeronautics and Space Administration). Pierluigi Paganini.

Information Security 121

Information Security Cyber Attacks Mobile Architecture 121

Security Affairs

DECEMBER 4, 2020

Hundreds of millions of Android users are potentially exposed to the risk of hack due to the use of Android Play Core Library versions vulnerable to CVE-2020-8913. The CVE-2020-8913 flaw is a local, arbitrary code execution vulnerability that resides exists in the SplitCompat.install endpoint in Android’s Play Core Library.

Hacking 116

Hacking Risk Mobile Banking 116

Security Affairs

MARCH 20, 2021

A hacking group has employed at least 11 zero-day flaws as part of an operation that took place in 2020 and targeted Android, iOS, and Windows users. Google researchers observed two separate waves of attacks that took place in February and October 2020, respectively. The exploit chains targeted Android, Windows, and iOS devices.

Hacking 137

Hacking Software Information Security Malware 137

Security Boulevard

MARCH 7, 2021

Our thanks to BSides Calgary and Conference Speakers for publishing their outstanding presentations; which originally appeared at the group's BSides Calgary 2020 Conference , and on the Organization's YouTube Channel.

Hacking 62

Hacking Education Information Security 62

Security Affairs

NOVEMBER 4, 2020

Cyber Defense Magazine November 2020 Edition has arrived. 150 PAGESLOADED WITH EXCELLENT CONTENT Learn from the experts, cybersecurity best practices Find out about upcoming information security related conferences, expos and trade shows. SecurityAffairs – hacking, Cyber Defense Magazine November 2020 ).

InfoSec 123

InfoSec DNS Advertising Marketing 123

Security Affairs

DECEMBER 9, 2020

Microsoft December 2020 Patch Tuesday security update address 58 vulnerabilities, 22 of them are remote code execution vulnerabilities. Microsoft December 2020 Patch Tuesday security update address 58 vulnerabilities, 22 of them are remote code issues. In 2020, the IT giant has released a total of 1,250 CVEs.

Hacking 133

Hacking Information Security Malware 133

Security Affairs

MAY 25, 2020

Three hacking forums Nulled.ch, Sinfulsite.com, and suxx.to have been hacked and their databases have been leaked online. Researchers from intelligence firm Cyble made the headlines again, this time they have discovered online the databases of three hacking forums. The databases appear to have been leaking in May 2020.

Hacking 137

Hacking Data breaches Advertising Cybercrime 137

Security Boulevard

APRIL 9, 2021

The post BSides Philly 2020 – Etizaz Mohsin’s ‘The Great Hotel Hack’ appeared first on Security Boulevard. Many thanks to BSides Philly for publishing their outstanding videos on the organization's YouTube channel.

Hacking 62

Hacking Education InfoSec Information Security 62

Security Affairs

OCTOBER 9, 2023

pic.twitter.com/YJavUu53v3 — vx-underground (@vxunderground) October 7, 2023 BleepingComputer was able to verify with the help of the popular malware researcher Michael Gillespie that that source code is legitimate and is related to the first version of the ransomware that was employed in 2020.

Cybercrime 126

Cybercrime Ransomware DDOS Encryption 126

Security Affairs

SEPTEMBER 23, 2020

Samba team has released a security patch to address the Zerologon issue in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC). Samba team has released a security patch to address the Zerologon (CVE-2020-1472) issue in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC). SecurityAffairs – hacking, ZeroLogon).

Authentication 145

Authentication Advertising Architecture Passwords 145

Security Affairs

OCTOBER 21, 2020

Google has released Chrome version 86.0.4240.111 that also addresses the CVE-2020-15999 flaw which is an actively exploited zero-day. Google has released Chrome version 86.0.4240.111 that includes security fixes for several issues, including a patch for an actively exploited zero-day vulnerability tracked as CVE-2020-15999.

Advertising 119

Advertising Engineering Hacking Software 119

Security Affairs

NOVEMBER 23, 2020

VMware discloses a critical zero-day vulnerability (CVE-2020-4006) in multiple VMware Workspace One components and released a workaround to address it. VMware has released a workaround to address a critical zero-day vulnerability, tracked as CVE-2020-4006, that affects multiple VMware Workspace One components. Pierluigi Paganini.

Hacking 132

Hacking Cybersecurity Information Security Malware 132

Security Affairs

NOVEMBER 5, 2020

VMware has released new patches for ESXi after learning that a fix released in October for the critical CVE-2020-3992 flaw was incomplete. The virtualization giant VMware has released new fixes for ESXi after learning that a patch released in October for the critical CVE-2020-3992 flaw was incomplete. SecurityAffairs – hacking, ESXi).

Advertising 132

Advertising Hacking Information Security Malware 132

Security Affairs

JUNE 21, 2023

Russia-linked APT28 group hacked into Roundcube email servers belonging to multiple Ukrainian organizations. The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide.

Hacking 95

Hacking Government Phishing Malware 95

Security Affairs

FEBRUARY 26, 2023

Initial investigation into the hack revealed that the attack was carried out by a nation-state actor for cyber espionage purposes. Now News Corp revealed that the threat actor behind the security breach first gained a foothold in the company infrastructure in February 2020.

Identity Theft 95

Identity Theft Data breaches Insurance Hacking 95

Security Affairs

MARCH 18, 2021

The FBI’s Internet Crime Complaint Center has released its annual report, the 2020 Internet Crime Report , which includes data from 791,790 complaints of suspected cybercrimes. Data that emerged from the report are worrisome, in 2020 the reported losses exceeded $4.2 ” reads 2020 Internet Crime Report. billion in losses.

Internet 110

Internet Internet Scams Identity Theft 110

Security Affairs

NOVEMBER 11, 2020

Microsoft Patch Tuesday updates for November 2020 address 112 flaws, including a Windows bug that was chained with Chrome issues in attacks. The IT giant also addressed the CVE-2020-17087 Windows flaw that was chained with the CVE-2020-15999 Chrome bug in attacks in the wild. SecurityAffairs – hacking, Chrome zero-day).

Internet 112

Internet Internet Hacking Information Security 112

Security Affairs

DECEMBER 4, 2020

VMware addressed CVE-2020-4006 zero-day flaw in VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector. VMware has finally released security updates to fix the CVE-2020-4006 zero-day flaw in VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector.

Passwords 123

Passwords Accountability Malware Hacking 123

Security Affairs

JANUARY 7, 2021

An expert found multiple serious vulnerabilities in Fortinet’s FortiWeb web application firewall (WAF) that could expose corporate networks to hack. The flaws, tracked as CVE-2020-29015 , CVE-2020-29016 , CVE-2020-29018 , and CVE-2020-29019 , have been already addressed by Fortinet with the release of security patches. .

Hacking 129

Hacking Firewall Technology Information Security 129

Security Affairs

APRIL 21, 2020

The OpenSSL Project has released a security update for OpenSSL that addresses a DoS vulnerability tracked as CVE-2020-1967. The OpenSSL Project released a security update for OpenSSL that patches a high-severity vulnerability, tracked as CVE-2020-1967, that can be exploited by attackers to launch denial-of-service (DoS) attacks.

Advertising 128

Advertising Hacking Information Security 128

Security Affairs

OCTOBER 16, 2020

The Tripwire VERT security team spotted almost 800,000 SonicWall VPN appliances exposed online that are vulnerable to the CVE-2020-5135 RCE flaw. Security experts from the Tripwire VERT security team have discovered 795,357 SonicWall VPN appliances that were exposed online that are vulnerable to the CVE-2020-5135 RCE flaw.

VPN 129

VPN Firewall Advertising Internet 129

Security Affairs

DECEMBER 21, 2020

VMware and Cisco confirmed to have been both impacted by the recent SolarWinds hack. A recent advisory published by the NSA is warning that Russian state-sponsored hackers are exploiting the recently patched CVE-2020-4006 VMware flaw to steal sensitive information from their targets. ” reads the security advisory.

Hacking 144

Hacking Software Information Security Malware 144

Security Affairs

JANUARY 6, 2021

Threat actors are attempting to hack Zyxel devices exploiting the recently disclosed vulnerability CVE-2020-29583, security researchers warn. The Taiwanese vendor Zyxel has recently addressed a critical vulnerability in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account.

Firmware 114

Firmware Passwords Accountability VPN 114

Security Affairs

DECEMBER 1, 2020

The critical remote code execution (RCE) vulnerability CVE-2020-14882 in Oracle WebLogic is actively exploited by operators behind the DarkIRC botnet. Experts reported that the DarkIRC botnet is actively targeting thousands of exposed Oracle WebLogic servers in the attempt of exploiting the CVE-2020-14882. c25e6559668942[.]xyz.

Malware 105

Malware DDOS Hacking Cybercrime 105

Security Affairs

DECEMBER 20, 2020

This post includes the details of the COVID-19 themed attacks launched from December 6 – December 19, 2020. SecurityAffairs – hacking, Coronavirus). The post COVID-19 themed attacks December 6 – December 19, 2020 appeared first on Security Affairs. Pierluigi Paganini.

Malware 109

Malware Phishing Hacking Information Security 109

Security Affairs

SEPTEMBER 3, 2020

Cyber Defense Magazine September 2020 Edition has arrived. SecurityAffairs – hacking, Cyber Defense Magazine September 2020). The post Cyber Defense Magazine – September 2020 has arrived. appeared first on Security Affairs. Always free, no strings attached. Pierluigi Paganini.

InfoSec 83

InfoSec Mobile Advertising Marketing 83

Security Affairs

NOVEMBER 7, 2020

At least one ransomware operator appears to have exploited the recently patched CVE-2020-14882 vulnerability affecting Oracle WebLogic. At least one ransomware operator appears is exploiting the recently patched CVE-2020-14882 vulnerability in Oracle WebLogic. SecurityAffairs – hacking, CVE-2020-14882).

Ransomware 92

Ransomware Malware Internet Internet 92

Security Affairs

JANUARY 2, 2022

The Twitter account of NASA Director Parimal Kopardekar (@nasapk) was hacked by the Powerful Greek Army group. The Twitter account of the NASA Director and Sr Technologist for Air Transporation Sytem Mr. Parimal Kopardekar ( @nasapk ) was hacked by the Powerful Greek Army group. NASA Director account hacked by PGA!

Accountability 141

Accountability Hacking Banking Government 141

Security Affairs

AUGUST 5, 2020

Cyber Defense Magazine august 2020 Edition has arrived. OVER 145 PAGESALWAYS FREE – LOADED WITH EXCELLENT CONTENT Learn from the experts, cybersecurity best practices Find out about upcoming information security related conferences, expos and trade shows. SecurityAffairs – hacking, cyber defense magazine).

B2C 81

B2C Mobile Advertising Marketing 81

Security Affairs

SEPTEMBER 8, 2020

Microsoft September 2020 Patch Tuesday security updates address 129 vulnerabilities, including twenty critical remote code execution issues. The full list of vulnerabilities addressed by the September 2020 Patch Tuesday Security Updates is available here. Pierluigi Paganini.

Advertising 86

Advertising Internet Internet Hacking 86

Security Affairs

JULY 2, 2020

Cyber Defense Magazine July 2020 Edition has arrived. OVER 165 PAGESALWAYS FREE – LOADED WITH EXCELLENT CONTENT Learn from the experts, cybersecurity best practices Find out about upcoming information security related conferences, expos and trade shows. SecurityAffairs – hacking, cyber defense magazine).

B2C 82

B2C Mobile Marketing Media 82

Security Affairs

MAY 31, 2022

SideWinder, an aggressive APT group, is believed to have carried out over 1,000 attacks since April 2020, Kaspersky reported. The group stands out for the high frequency and persistence of its attacks, researchers believe that the APT group has carried out over 1,000 attacks since April 2020. SecurityAffairs – hacking, SideWinder).

Encryption 99

Encryption Malware Phishing Hacking 99

Security Affairs

NOVEMBER 19, 2020

Drupal development team has released security updates to address a remote code execution flaw, tracked as CVE-2020-13671. The Drupal development team has released security updates to fix a remote code execution vulnerability related caused by the failure to properly sanitize the names of uploaded files. Pierluigi Paganini.

Hacking 112

Hacking Information Security Malware 112

Security Affairs

MARCH 29, 2020

In this post, I decided to share the details of the Coronavirus-themed attacks launched from March 22 to March 28, 2020. If you are interested in COVID19-themed attacks from February 1 give a look at the following posts: Coronavirus-themed attacks February 1 – March 15, 2020. Coronavirus-themed attacks March 15 – March 21, 2020.

Scams 117

Scams Mobile Advertising Malware 117

Security Affairs

OCTOBER 4, 2020

HP released a security advisory that includes details for three critical and high severity vulnerabilities, tracked as CVE-2020-6925, CVE-2020-6926, and CVE-2020-6927, that impact the HP Device Manager. Base Score CVE-2020-6925 Weak Cipher All versions of HP Device Manager 7.0

Hacking 135

Hacking Accountability Passwords InfoSec 135