Patched EternalDarkness bug code being exploited CISA warns
Hackers using point-of-concept exploit code for the highly critical “SMBGhost” bug - aka EternalDarkness - that Microsoft patched in March in its Server Message Block 3.1.1 (SMBv3) protocol
Cisco security advisories address 47 flaws, three critical
Last week Cisco Systems released a series of security advisories addressing a total of 47 vulnerabilities, including three critical bugs that were found and fixed in IOS or IOS EX software.
High-severity bugs patched in Chrome, Firefox browsers
Google has introduced multiple security fixes for the desktop edition of its Chrome browser and Mozilla has also done the same for Firefox and Firefox Extended Support Release.
iOS 11 – 13.5 jailbreak announced by hacker group
Users of iPhones, iPads and iPod Touches that run on iOS 11 through 13.5 can now jailbreak their devices with new downloadable software from the hacking group Unc0ver.
Netwalker ransomware actors go fileless to make attacks invisible
Reflective dynamic-link library (DLL) injection found being used to infect victims with Netwalker ransomware in hopes of making the attacks untraceable while frustrating security analysts.
Patch by Friday or compromised by Monday: Salt exploit exposes Infrastructure-as-Code tools threat
Malicious actors pounce on a pair of critical vulnerabilities found in SaltStack’s open-source, event-based IT automation & configuration management tool Salt. “Salt master” servers compromised.
5 ways COVID-19 is reshaping the cyber-crime economy
The virus has rapidly reshaped the way business is being done on the dark web, as buyers and sellers jump on the opportunity to capitalise on global fears, as well as dramatic shifts in supply and demand.
Nation-state hackers reportedly hunting for COVID-19 research
Nation-state-sponsored hackers are reportedly targeting companies tasked with researching COVID-19, in some cases intruding into systems and performing reconnaissance.
Two Zoom zero-days reportedly for sale by vulnerability brokers
Software vulnerability brokers are reportedly looking to sell two zero-day Zoom video conferencing app exploits – one affecting Windows clients and the other impacting OS X clients.
Hijacked routers and attempted WHO hack highlight latest Covid-19 attacks
Cyber-criminals continue to ride on Covid-19 scare, with WHO remaining the prime target
