Bradley Barth

Editor
Patched EternalDarkness bug code being exploited CISA warns

Patched EternalDarkness bug code being exploited CISA warns

Hackers using point-of-concept exploit code for the highly critical “SMBGhost” bug - aka EternalDarkness - that Microsoft patched in March in its Server Message Block 3.1.1 (SMBv3) protocol

Cisco security advisories address 47 flaws, three critical

Cisco security advisories address 47 flaws, three critical

Last week Cisco Systems released a series of security advisories addressing a total of 47 vulnerabilities, including three critical bugs that were found and fixed in IOS or IOS EX software.

High-severity bugs patched in Chrome, Firefox browsers

High-severity bugs patched in Chrome, Firefox browsers

Google has introduced multiple security fixes for the desktop edition of its Chrome browser and Mozilla has also done the same for Firefox and Firefox Extended Support Release.

iOS 11 – 13.5  jailbreak announced by hacker group

iOS 11 – 13.5 jailbreak announced by hacker group

Users of iPhones, iPads and iPod Touches that run on iOS 11 through 13.5 can now jailbreak their devices with new downloadable software from the hacking group Unc0ver.

Netwalker ransomware actors go fileless to make attacks invisible

Netwalker ransomware actors go fileless to make attacks invisible

Reflective dynamic-link library (DLL) injection found being used to infect victims with Netwalker ransomware in hopes of making the attacks untraceable while frustrating security analysts.

Patch by Friday or compromised by Monday: Salt exploit exposes Infrastructure-as-Code tools threat

Patch by Friday or compromised by Monday: Salt exploit exposes Infrastructure-as-Code tools threat

Malicious actors pounce on a pair of critical vulnerabilities found in SaltStack’s open-source, event-based IT automation & configuration management tool Salt. “Salt master” servers compromised.

5 ways COVID-19 is reshaping the cyber-crime economy

5 ways COVID-19 is reshaping the cyber-crime economy

The virus has rapidly reshaped the way business is being done on the dark web, as buyers and sellers jump on the opportunity to capitalise on global fears, as well as dramatic shifts in supply and demand.

Nation-state hackers reportedly hunting for COVID-19 research

Nation-state hackers reportedly hunting for COVID-19 research

Nation-state-sponsored hackers are reportedly targeting companies tasked with researching COVID-19, in some cases intruding into systems and performing reconnaissance.

Two Zoom zero-days reportedly for sale by vulnerability brokers

Two Zoom zero-days reportedly for sale by vulnerability brokers

Software vulnerability brokers are reportedly looking to sell two zero-day Zoom video conferencing app exploits – one affecting Windows clients and the other impacting OS X clients.

Hijacked routers and attempted WHO hack highlight latest Covid-19 attacks

Hijacked routers and attempted WHO hack highlight latest Covid-19 attacks

Cyber-criminals continue to ride on Covid-19 scare, with WHO remaining the prime target