Security  

  •  
  • By Sergiu Gatlan
  • 20:17 GMT
WordPress Fixes Critical PHP Object Injection Issue Leading to Code Execution

WordPress Fixes Critical PHP Object Injection Issue Leading to Code Execution

Information disclosure bug with high CVSS score also patched

  •  
  • By Sergiu Gatlan
  • 19:35 GMT
Razer Launches New Crypto-Based Reward Program, Criticized by Customers

Razer Launches New Crypto-Based Reward Program, Criticized by Customers

SoftMiner, the software used to mine for Razer's fake coin

  •  
  • By Sergiu Gatlan
  • 18:49 GMT
Personal Info of 540K People Exposed in French Ministry Website Breach

Personal Info of 540K People Exposed in French Ministry Website Breach

Names, phone numbers and email addresses stolen

  •  
  • By Sergiu Gatlan
  • December 12th, 2018
phpMyAdmin Fixes Severe Local File Inclusion Vulnerability

phpMyAdmin Fixes Severe Local File Inclusion Vulnerability

XSRF/CSRF and XSS security issues also patched

  •  
  • By Sergiu Gatlan
  • December 12th, 2018
Operation Sharpshooter Uses Fileless Malware to Attack Global Infrastructure

Operation Sharpshooter Uses Fileless Malware to Attack Global Infrastructure

Actor uses recruiting lure for collection and exfiltration

  •  
  • By Sergiu Gatlan
  • December 12th, 2018
Large Organizations Face Up to Several Million Targeted Bot Attacks per Day

Large Organizations Face Up to Several Million Targeted Bot Attacks per Day

Some botnets are capable of a million attacks per hour

  •  
  • By Sergiu Gatlan
  • December 12th, 2018
Crooks Use Spoofed Critical Russian Infrastructure Domains to Mimic State APT

Crooks Use Spoofed Critical Russian Infrastructure Domains to Mimic State APT

RedControle backdoor chosen as the group's weapon of choice

  •  
  • By Sergiu Gatlan
  • December 12th, 2018
Health and Retail Sectors Targeted by CapitalInstall Malware Campaign

Health and Retail Sectors Targeted by CapitalInstall Malware Campaign

Payload dropped via Azure hosted drive-by-download links

  •  
  • By Sergiu Gatlan
  • December 11th, 2018
Novidade Exploit Kit Actively Targeting SOHO and Home Routers

Novidade Exploit Kit Actively Targeting SOHO and Home Routers

Malware campaign uses CSRF to change routers' DNS settings

  •  
  • By Sergiu Gatlan
  • December 11th, 2018
Microsoft Fixes Nine Critical Vulnerabilities in December 2018 Patch Tuesday

Microsoft Fixes Nine Critical Vulnerabilities in December 2018 Patch Tuesday

Twenty nine other security issues were rated as "Important"

  •  
  • By Sergiu Gatlan
  • December 11th, 2018
Adobe Patches 39 Cross-Platform Critical Security Issues in Acrobat and Reader

Adobe Patches 39 Cross-Platform Critical Security Issues in Acrobat and Reader

Multiple code execution and privilege escalation bugs fixed

  •  
  • By Sergiu Gatlan
  • December 11th, 2018
ESET Unearths Android Trojan That Steals Funds from 2FA-Secured PayPal Accounts

ESET Unearths Android Trojan That Steals Funds from 2FA-Secured PayPal Accounts

The Android malware can steal funds in under 5 seconds

  •  
  • By Sergiu Gatlan
  • December 11th, 2018
Third-Party Investigation Finds No Malicious Chips on Supermicro Motherboards

Third-Party Investigation Finds No Malicious Chips on Supermicro Motherboards

No malicious hardware found by customers, US agencies either

  •  
  • By Sergiu Gatlan
  • December 10th, 2018
$807,130 Stolen by Hackers After Cape Cod Community College Phishing Attack

$807,130 Stolen by Hackers After Cape Cod Community College Phishing Attack

College managed to recover only $278,887

  •  
  • By Sergiu Gatlan
  • December 10th, 2018
Europol Hits Darknet Ring That Shipped Counterfeit Money All Over Europe

Europol Hits Darknet Ring That Shipped Counterfeit Money All Over Europe

The group sold tens of thousands of counterfeit banknotes

  •  
  • By Sergiu Gatlan
  • December 10th, 2018
US Office of Personnel Management Still Vulnerable to Hacking According to GAO

US Office of Personnel Management Still Vulnerable to Hacking According to GAO

OPM implemented only 64% of 2015 incident suggestions

  •  
  • By Sergiu Gatlan
  • December 10th, 2018
Personal Information of 52.5 Million Exposed by New Google+ People API Bug

Personal Information of 52.5 Million Exposed by New Google+ People API Bug

The Google+ APIs to be shut down within 90 days

 
Want more? Browse: