Cybersecurity News - Page 292

The ransomware attack did not impact the operations of Tesouro Direto program.

The data reportedly includes social security numbers, phone numbers, names, physical addresses, unique IMEI numbers, and driver’s license information.

The first bug is an arbitrary file upload vulnerability, while the second is described as local privilege escalation vulnerability.

Successful exploitation of this vulnerability allows a local hacker to gain SYSTEM privileges on a computer.

The tech giant also released a patch for Windows Update Medic Service elevation of privilege zero day vulnerability.

Acording to cybersecurity researchers, 50% of the stolen cards are still active and valid.

The attacks began after cybersecurity researchers showed technical details of these problems at the Black Hat conference.

Their exploitation could allow unauthenticated attackers to achieve arbitrary code execution on affected devices.

Dropper can download other malware from a remote command-and-control server, exfiltrate sensitive data, and even delete itself from the compromised system.

Macsteel representatives said that the company’s systems "returned back to normal" within two business days of the breach and no critical information was affected.