Haythem Elmir

Summary Editor: Fortinet Product: FortiClient Title: Fortinet FortiClient Windows privilege escalation at logon CVE ID: CVE-2017-7344 Intrinsec ID: ISEC-V2017-01 Risk level: high Exploitable: Locally, or remotely if the logon screen is exposed (e.g. through RDP without NLA required). Requires non-default configuration on the client (« Enable VPN before logon »). Requires an invalid […]

We are still seeing malware campaigns using the DDE exploit These are somewhat different to earlier versions and the word docs do contain macros with a very basic base64 encoded PowerShell script that contains the DDE exploit. Using Office Malscanner  only shows the macro with a DDE Auto command not a separate DDE […]

Retis: New Ransomware A security researcher has discovered a ransomware called Retis,  which is a ransomware-type virus that secretly infiltrates the system. Shortly after executed, RETIS encrypts most saved data and adds filenames with the “.crypted” extension. It is a .NET ransomware, so its source code can be easily viewed. […]

A so-called « script kiddie » is behind the recently discovered Satori botnet that has scared security researchers because of its rapid rise to a size of hundreds of thousands of compromised devices. Researchers say that a hacker named Nexus Zeta created Satori, which is a variant of the Mirai IoT malware […]

Nissan Finance Canada announced on Thursday that the personal information of 1.13 million customers may have been exposed as a result of a data breach. Nissan Finance Canada has been hacked, personal information of 1.13 million customers may have been exposed as a result of a data breach discovered by the […]

Ride-sharing company reveals 380,000 in Singapore were affected by the massive data breach that compromised 57 million accounts globally, but says no fraud or misuse has been tied to these users. Uber says an estimated 380,000 users in Singapore were impacted by the 2016 data breach that compromised 58 million […]

If you receive a video file (packed in zip archive) sent by someone (or your friends) on your Facebook messenger — just don’t click on it. Researchers from security firm Trend Micro are warning users of a new cryptocurrency mining bot which is spreading through Facebook Messenger and targeting Google […]

Why is my iPhone slow? Do you also ask this question again and again? Well, the biggest conspiracy theory floating around from years that Apple deliberately slows down performance on your older iPhones whenever the company is about to launch the next version of its flagship to push its sale […]