Most GandCrab Ransomware Victims Can Now Recover Their Files for Free

Businesses and home users affected by the latest versions of GandCrab ransomware can now recover their locked files for free, thanks to a new decryption tool developed by researchers from antivirus vendor Bitdefender in collaboration with the Romanian…

Webex Vulnerability Can Enable Remote Code Execution

Cisco Systems patched a serious privilege escalation vulnerability in the Webex Meetings Desktop App and the Webex Productivity Tools that could be exploited remotely on local networks. The flaw has been dubbed WebExec and was found during a penetrati…

New Windows Zero-Day Flaw Dropped on Twitter

A new vulnerability affecting Windows 10 has been disclosed on Twitter before being patched and it allows attackers to delete system files or to replace sensitive libraries. The vulnerability is located in the Windows Data Sharing Service (dssvc.dll) …

Drupal Patches Critical Remote Code Execution Flaws

The popular Drupal content management system received fixes for five serious vulnerabilities that allow for remote code execution and could help hackers break into websites. Two of the patched vulnerabilities are rated critical. One is located in the …

FreeRTOS Flaws Put Many IoT, ICS Devices at Risk

Security researchers have found serious vulnerabilities in FreeRTOS, an open source operating system that’s commonly used in embedded devices including those in smart homes and critical infrastructure. FreeRTOS is a lightweight real-time operati…

New Attacks Reuse Malware Code from Dormant APT1

New attacks against organizations from South Korea, Canada and the United States use a malicious implant that’s based on an old malware program associated with a dormant Chinese APT group known as APT1. According to researchers from antivirus fi…

BlackEnergy Successor Hits Energy Companies Since 2015

For the past three years, a stealthy cyberespionage group has been targeting energy companies, primarily from Poland and Ukraine, using a new malware framework dubbed GreyEnergy. GreyEnergy is a modular malware platform which, according to researchers…

Spyware Pushers Modify Equation Editor Exploit to Bypass AV Detection

In a case that shows you can teach an old exploit new tricks, a group of attackers who push information-stealing malware modified a well-known exploit in a way that it bypasses detection by most antivirus programs. The incident was reported by researc…

Microsoft’s JET Vulnerability Patch Incomplete, Researchers Say

The patch released by Microsoft last week for a zero-day flaw in the JET database engine is incomplete and does not fully address the issue, according to a vulnerability research firm. The flaw, tracked as CVE-2018-8423, was disclosed Sept. 20 through…

Five Eyes Cybersecurity Agencies Release Report on Hacking Tools

The national cybersecurity agencies of the United States, U.K., Canada, Australia and New Zealand, known in the intelligence world as the Five Eyes, have released a joint report on five publicly available hacking tools that are widely used in cyberatt…