Lenovo warned customers on Friday that two critical Broadcom vulnerabilities impact 25 models of its popular ThinkPad brand. The vulnerabilities were first revealed in September and originally they were only reported to impact specific Broadcom chipsets used in Apple iPhones, Apple TV and Android devices. Lenovo has expanded that list to include […]
Haythem Elmir
CVE-2017-13253: Buffer overflow in multiple Android DRM services
As part of our platform research in Zimperium zLabs, we recently disclosed a buffer overflow vulnerability affecting multiple Android DRM services to Google. Google classified it as high-severity, designated it as CVE-2017-13253 and have patched it in the March security update. In this blog post, we’ll cover the details of the […]
NEW POS MALWARE PINKKITE TAKES FLIGHT
A new family of point-of-sale malware, dubbed PinkKite, has been identified by researchers who say the malware is tiny in size, but can deliver a hefty blow to POS endpoints. Researchers at Kroll Cyber Security first identified PinkKite in 2017 during a nine-month investigation into a large POS malware campaign […]
Free Mobile: a new phishing attempt aims to steal your banking details
A new phishing attempt is targeting Free Mobile subscribers! Using a fake reminder email, the attackers are trying to get hold of your banking details. To lull their targets into a false sense of security, the hackers do not hesitate to copy the official mail sent by Free Mobile. Luckily, some […]
Never Mind Malware – Social Engineering Will Be Your Biggest Threat This Year
As we enter a new year, IT security teams and cyber-criminals are both already searching for the development that will tip the scales in the on-going cyber arms race. A common assumption is that a new malware strain or vulnerability will be the defining factor of 2018, similar to the […]
5 Things You Need to Know About Botnets
There’s a common denominator between the surges of phishing email that continue to plague consumers, businesses and government agencies around the globe and the social media-fueled propaganda campaigns Russia has leveraged to undermine democratic elections in Europe and the United States. Neither would be doable without botnets as they exist today. For most people, the power and […]
Smart home devices can be hacked within minutes through Google search
The Internet of Things (IoT) devices, especially smart home devices, are built to get things done conveniently and to some extent, these devices have been playing a major role in our lives. At the same time, these smart devices are also home to critical security vulnerabilities. Recently, the IT security researchers […]
Pre-Installed Malware Found On 5 Million Popular Android Phones
Security researchers have discovered a massive, continuously growing malware campaign that has already infected nearly 5 million mobile devices worldwide. Dubbed RottenSys, the malware, disguised as a ‘System Wi-Fi service’ app, came pre-installed on millions of brand new smartphones manufactured by Honor, Huawei, Xiaomi, OPPO, Vivo, Samsung and GIONEE—added somewhere […]
GANDCRAB RANSOMWARE CROOKS TAKE AGILE DEVELOPMENT APPROACH
Earlier this month, command-and-control servers tied to the fast-growing GandCrab ransomware campaigns were seized by Romanian Police and Europol. But criminals behind GandCrab don’t appear fazed by the setback and have already tweaked the malware to keep ransomware payments coming in. According to new research by Check Point, the group […]
Hacking SAP CRM by chaining 2 vulnerabilities in SAP NetWeaver AS Java
Security experts at ERPScan explained that by chaining 2 recently patched flaws it is possible to hack SAP CRM systems and access sensitive data. Security experts at ERPScan discovered that by chaining the exploits for two security vulnerabilities in SAP NetWeaver Application Server Java patched last month, an attacker can hack customer […]