Collaborate Disseminate
The Czech government’s Security Information Service (BIS) revealed in a report that hackers associated with the Russian government are responsible for an email breach, compromising the email system of the country’s Ministry of Foreign Affa… Continue reading Czech Republic Blames Russia for Yearlong Email Breach
Hackers are exploiting insecure UPnP implementations in routers to expose millions of computers from inside private networks to SMB attacks. Universal Plug and Play (UPnP) is a service that allows devices to discover each other inside local networks a… Continue reading Hackers Exploit UPnP in Routers to Expose Private Networks to Attacks
The U.S. Department of Justice has charged two Iranian men for creating and distributing a ransomware program called SamSam that caused massive disruptions in hospitals, municipalities and public institutions over the past few years. SamSam appeared i… Continue reading U.S. Charges Two Iranians for SamSam Ransomware Attacks
Cisco Systems has released a new patch for a remotely exploitable privilege escalation vulnerability after security researchers found that its previous fix was incomplete. The company first patched the vulnerability, known as WebExec or CVE-2018-15442… Continue reading Cisco Takes Another Stab at Patching Recent WebEx Vulnerability
Researchers have proven for the first that that error-correcting code (ECC) memory can be affected by the same bit-flipping attack known as Rowhammer that plagues regular DRAM memory. Rowhammer is a memory defect first documented in 2014 that occurs w… Continue reading ECC Memory Not Safe from Rowhammer Attack
Adobe Systems fixed a critical vulnerability in Flash Player that was publicly disclosed by a researcher earlier this month. The vulnerability, tracked as CVE-2018-15981, is a type confusion issue that can lead to arbitrary code execution. It was fixe… Continue reading Adobe Patches Zero-Day Flaw in Flash Player
There were more than 16,000 vulnerabilities disclosed during the first three quarters of this year and more than a third of them were rated high or critical—7.0 or higher in the Common Vulnerability Scoring System (CVSS). For the first time in recent … Continue reading RBS Survey: One-Third of Vulnerabilities Rated High or Critical This Year
The notorious Russian cyberespionage group known as APT28, Fancy Bear and Sofacy is targeting government organizations using a new Trojan program called Cannon. Researchers from Palo Alto Networks detected new spear-phishing campaigns from APT28 at th… Continue reading APT28 Pulls Out New Malware Cannon
The hacker group that attacked the 2018 Winter Olympic Games IT infrastructure is still active and has recently been observed attacking organizations with an improved malware strain. The infrastructure at the Winter Olympic Games in Pyeongchang, South… Continue reading Olympic Destroyer Returns with Improved Arsenal
Two teams of hackers managed to break into the iPhone X, Samsung Galaxy S9 and Xiaomi Mi6 mobile devices at the mobile Pwn2Own contest held in Tokyo this week by using multiple types of exploits—moves that earned them more than $300,000. The first day… Continue reading Galaxy S9, iPhone X, Xiaomi Mi6 Devices Hacked at Pwn2Own Contest