Malicious developer distributed tainted version of Event-Stream NodeJS Module to steal Bitcoins
Haythem Elmir
British MP: Facebook was aware about Russian activity at least since 2014
A British MP claims Facebook was ware about Russian political interference in 2014, long before the events become public. The British MP Damian Collins, head of a parliamentary inquiry into disinformation, revealed that one of the emails seized from US software company Six4Three as part of a US lawsuit, demonstrates that a Facebook engineer had notified the […]
Chaining 3 zero-days allowed pen testers to hack Apple macOS computers
Dropbox team disclosed three critical zero-day vulnerabilities in Apple macOS, chaining them it is possible to take over a Mac computer. Dropbox team disclosed three critical zero-day vulnerabilities (CVE-2017-13890, CVE-2018-4176, CVE-2018-4175) affecting the Apple macOS operating system, an attacker could chain them to remotely execute arbitrary code on a targeted Mac computer. The attacker […]
Flaw allowing identity spoofing affects authentication based on German eID cards
Flaw allowing identity spoofing affects authentication based on German eID cards The authentication process via German eID cards with RFID chips is flawed, an attacker could impersonate any other citizen. The nightmare comes true, the authentication process via German eID cards with RFID chips is flawed and a flaw could […]
Experts found first Mirai bot targeting Linux servers via Hadoop YARN flaw
Experts found first Mirai bot targeting Linux servers via Hadoop YARN flaw Security experts from Netscout Asert discovered more than ten Mirai bot variants attempting to exploit a recently disclosed flaw in Hadoop YARN on Intel servers. These Mirai variants are the first one that doesn’t target Internet of Things devices, […]
Experts found flaws in Dell EMC and VMware Products. Patch them now!
Security experts have found several vulnerabilities affecting Dell EMC Avamar and Integrated Data Protection Appliance products. They also warn that VMware’s vSphere Data Protection, which is based on Avamar, is also affected by the issues. Dell EMC released security updates for Dell EMC Avamar Client Manager in Dell EMC Avamar Server […]
Sofacy APT group used a new tool in latest attacks, the Cannon.
Sofacy APT group (aka APT28, Pawn Storm, Fancy Bear, Sednit, Tsar Team, and Strontium) has a new weapon in its arsenal dubbed Cannon. The Russia-linked APT group delivers Cannon in a spear-phishing attack that targets government organizations in North America, Europe and in a former USSR state. Experts at Palo Alto Networks spotted a new campaign in late October and early […]
Top 10 Application Security Breaches of 2018
The most disastrous web and mobile application security breaches and security incidents of 2018 (so far). Application security is one of the most crucial areas of data security, especially as more businesses move to cloud-based computing and make web applications a core focus of their functionality. Web applications are increasingly […]
Facebook et Instagram victimes d’une panne mondiale temporaire
Les réseaux sociaux étaient inaccessibles mardi en début d’après-midi partout dans le monde. La situation est revenue à la normale vers 17 heures. Non, ce n’était pas votre 4G ou votre box Internet qui subissaient les premières conséquences de l’hiver. Les réseaux sociaux Facebook et son petit frère Instagram ont […]
Security bug exposes password of Instagram users
A security bug inside Instagram’s “Download Your Data” tool that could have been exploited to expose password of thousands of users around the world. The feature « Download Your Data » was introduced in April this year after the change in the European Union’s General Data Protection Regulation (GDPR). It allows users […]