Collaborate Disseminate
Trend Micro’s Zero Day Initiative (ZDI) team has publicly disclosed a serious remote code execution vulnerability in the Microsoft JET Database engine which is used by several Microsoft products. ZDI decided to disclose the flaw even though ther… Continue reading Zero-Day RCE Flaw Found in Microsoft JET Database Engine
The French government’s national cybersecurity agency has released an operating system built using open source components internally over the course of more than 10 years for use by the French administration. Dubbed CLIP OS, the operating system… Continue reading French Government Open Sources Secure Operating System
The same attackers believed to be responsible for the recent breach of British Airways customer payment data have injected card skimming code into the site of U.S. online retailer Newegg.com. The code was identified by researchers from security firms … Continue reading Online Retailer Newegg Hit by Magecart Card Skimming Gang
Security researchers have come across an unusual new botnet that infects Android devices over the debugging interface then searches for and removes cryptocurrency malware. The new botnet, dubbed Fbot by researchers from Qihoo 360’s Netlab team, … Continue reading Unusual IoT Botnet Removes Cryptomining Malware from Devices
A network video recorder (NVR) application used by organizations from around the world to control surveillance cameras contains a critical vulnerability that could expose devices to hacking. The flaw was found by researchers from security firm Tenable… Continue reading NVR Software Flaw Threatens Thousands of Devices
Security researchers have discovered a new Android botnet toolkit that’s being developed as a malware-as-a-service (MaaS) offering for other cybercriminals. The toolkit, dubbed Black Rose Lucy by researchers from security firm Check Point Softwa… Continue reading New Android Botnet Pops Up on Malware-as-a-Service Market
Security researchers believe the recent data breach announced by British Airways was the result of malicious code being injected into the company’s website to steal information from payment forms. According to researchers from threat management … Continue reading British Airways Site Infected with Card Skimming Code
Microsoft has released its monthly batch of security patches fixing 61 vulnerabilities across its products, including 17 that are rated critical and four that have been publicly disclosed. Four critical memory corruption vulnerabilities were patched i… Continue reading Microsoft Fixes 17 Critical Vulnerabilities
Hackers managed to breach and access the personal and financial details of British Airways customers who booked flights through the company’s website and mobile app in the past three weeks. Data from around 380,000 card payments has been comprom… Continue reading British Airways Suffers Customer Payment Card Breach
Cisco Systems has released patches for some of its products that use the Apache Struts web development framework and are affected by a recently announced critical vulnerability. The flaw, tracked as CVE-2018-11776, was patched in Apache Struts two wee… Continue reading Cisco Products Receive Patches for Critical Struts Vulnerability