Sunday, October 17, 2021

Malware and Vulnerabilities

IBM has issued security patches to fix high- and medium-severity bugs

IBM has issued security patches to fix high- and medium-severity bugs affecting large business software solutions.The worst bugs could lead to malicious code execution and application crashes.This week, the tech giant published a set of security tips laying out...

Cyber Criminals Exploit zero-day vulnerability in FTA servers for Data Theft and Extortion

Cybersecurity company FireEye said today cybercriminal gang known as FIN11 performed a zero-day attack on Accellion FTA servers that hit 100 companies worldwide in December 2020 and January 2021.During the attack, hackers used four security bugs to attack FTA...

Python release quick updates to Fix remote code vulnerabilities

The Python Software Foundation (PSF) has rapidly launched Python 3.9.2 and 3.8.8 to address two significant security breaches, including one that is exploited remotely but with active terms that can only be used to hack an offline machine.The PSF...

Bug in a shared SDK may allow attackers to join calls undetected across multiple apps

A small library that provides audio and video call capabilities contain a bug that allows attackers to join audio and video calls without being detected.The bug - detected by security company McAfee and tracked as CVE-2020-25605 - affects the...

Google patches Chrome zero-day vulnerability exploited in the wild

Google has released today Stable version 88.0.4324.150 of the Chrome browser for Windows, Mac, and Linux. Today's release contains only one bug fix for a Chrome zero-day vulnerability that was exploited in the wild."Google is aware of reports that...

Google Chrome blocks eight ports against new NAT Slipstreaming attack

Following the discovery of the NAT Slipstreaming 2.0 attack this week, Google says it will block Chrome traffic on ports 69, 137, 161, 1719, 1720, 1723, 6566, and 10080.Google has blocked eight ports within the Chrome web browser to...

The fourth type of malware discovered in the SolarWind Hack

Symantec said it identified Raindrop, the fourth type of malware used in the SolarWinds breach, after Sunspot, Sunburst, and Teardrop.Cybersecurity company Symantec said it had identified another type of malware used during the attack on the SolarWinds, bringing the...

Researchers Disclosed a security vulnerability in UNEP that affects 100k staff records

Today, researchers have revealed a security vulnerability by exploiting which they could access more than 100,000 private worker records of United Nations Environmental Program (UNEP). The information breach originated from Git directories and credentials, which permitted the researchers to clone...

Nvidia releases security update for high-severity flaws affecting Windows, Linux devices

NVIDIA has released security updates to address six security vulnerabilities found in Windows and Linux GPU screen drivers, as well as ten additional flaws affecting the NVIDIA Virtual GPU (vGPU) management software.Released on Thursday, the technology giant said the...

Firefox, Chrome, Edge Bugs Allows Remote System Hijacking

Major browsers get an upgrade to fix individual bugs which allow for remote attacks, which could potentially allow hackers to take over targeted devices.Makers of the Chrome, Firefox, and Edge browsers are urging users to patch critical vulnerabilities that...

Latest News

Unified endpoint management automation software to boost endpoint security

Endpoints are constantly connected to the internet, so they offer a gateway for cyberattacks. Endpoint security is simply the process...

Attackers Using Morse Code in phishing campaign to Evade Detection

Microsoft on Thursday revealed the techniques used by attackers to avoid detection using morse code in the phishing campaign.Microsoft also revealed the workings of...

Murata Manufacturing suffers data breach of employees and customer

Japanese electronic components manufacturer Murata has released an apology Notice for the data breach of thousands of files in June that contained bank account...

Everything about Signalling System 7(SS7)

Signaling System 7 (SS7) is an international telecommunication protocol standard that controls and regulates the network elements in a public switched telephone network (PSTN)....

Zimbra flaw lets attackers access the mail servers

Researchers discovered a flaw in the open-source Zimbra code. As a result, an attacker would gain unrestricted access to all sent and received emails...