Cyber Security Newsfeeds from around the world
. It sounds familiar, but I don’t think Humphrey Bogart is running the gin joint this time around. Questionable Casablanca references aside, Amnesty International has reported another attack against human rights workers. In this case, a pair of Morocca…
Continue ReadingThis is a comprehensive report on ransomware-related events covering a timeframe of January 2017 through June 2018. The incidents herein are visually broken down into categories, including new ransomware, updates of existing strains, decryptors release…
Continue ReadingHEROPOINT RANSOMWARE DISSECTED In-dev sample called HeroPoint appends random numbers to filenames and demands $20 worth of Bitcoin for recovery. FILE-LOCKER RANSOMWARE TWEAK This Korean ransomware switches from using the .locked file extension to .razy…
Continue ReadingIntroduction In its 2018 annual publication, the FBI IC3 (Internet Crime Complaint Center) reported a 242% rise in extortion emails, the majority of which are “sextortion”, with total losses of $83 million in reported crimes. The idea behind sextortion…
Continue Reading# Exploit Title: CyberArk Password Vault 10.6 – Authentication Bypass # Date: 2019-10-16 # Author: Daniel Martinez Adan (adon90) # Vendor: https://www.cyberark.com # Software: https://www.cyberark.com/products/privileged-account-security-solution/enter…
Continue ReadingSEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Reflected XSS vulnerability product: OpenProject vulnerable version:
Continue Reading# Exploit Title: GoAhead Web server HTTP Header Injection. # Shodan Query: Server: Goahead # Discovered Date: 05/07/2019 # Exploit Author: Ramikan # Vendor Homepage: https://www.embedthis.com/goahead/ # Affected Version: 2.5.0 may be others. # Tested O…
Continue Reading# Exploit Title: Intelbras Router WRN150 1.0.18 – Persistent Cross-Site Scripting # Date: 2019-10-03 # Exploit Author: Prof. Joas Antonio # Vendor Homepage: https://www.intelbras.com/pt-br/ # Software Link: http://en.intelbras.com.br/node/25896 # Versi…
Continue ReadingCategory: Weekly Feature The past week brought a heaping helping of not so comforting cybersecurity news, starting with President Donald Trump’s apparent plans to pull out of the Cold War-era Open Skies treaty. We explained why that would be as bad an …
Continue ReadingThe attacks primarily involved using information about the targets to try and exploit password reset and account recovery features. These activities weren’t technically advanced, but Microsoft says the attackers “attempted to use a significant amount o…
Continue Reading