RCE vulnerabilities found in industrial VPN solutions
The exploitation of vulnerabilities allows to overwrite data, execute malicious code or commands and cause a DoS condition.
Cybersecurity News - Page 354
QSnatch operators stole data from over 62,000 QNAP network storages
Most victims of the malware threat are located in Western Europe and North America.
Cisco fixed three RCE-vulneravilities Ripple20
One of the vulnerabilities has already been exploited in the wild.
Vulnerability summary for the week: July 27, 2020
Weekly vulnerability digest.
Hackers inject exposed Twilio SDK with malicious code
Because the affected SDK was hosted on a misconfigured S3 bucket, the attackers were able to upload modified version of the taskrouter.min.js file.
Wearable device maker Garmin allegedly hit by a ransomware attack
Some Garmin emloyees speculate the involvement of a new strain of the WastedLocker ransomware.
Mysterious “Meow” attack destroys data stored on dozens unsecured Elasticsearch and MongoDB servers
A recent Shodan search has shown that 987 ElasticSearch and 70 MongoDB instances have been affected by Meow attack.
New Prometei botnet uses Windows SMB to mine cryptocurrency
The Prometei cryptomining botnet leverages Windows SMB protocol for propagation.
US offers $2mn reward for information on Ukrainian hackers
Radchenko and Ieremenko gained access to the Security and Exchange Commission’s EDGAR system and stole thousands of confidential files.
North Korean hackers add new sophisticated cyber tool to their arsenal
The MATA framework is designed to target Windows, Linux and macOS operating systems.
Showing elements 3531 - 3540