Haythem Elmir

ne entreprise de cyber-sécurité a publié des détails et un code de preuve de concept (PoC) sur une vulnérabilité du noyau Linux qui n’a d’impact que sur les distributions CentOS et Red Hat Enterprise Linux (RHEL). Le nom de vulnérabilité est Mutagen Astronomy et est suivi par CVE-2018-14634. Découvert par l’équipe […]

Security researchers have published the details and proof-of-concept (PoC) exploits of an integer overflow vulnerability in the Linux kernel that could allow an unprivileged user to gain superuser access to the targeted system. The vulnerability, discovered by cloud-based security and compliance solutions provider Qualys, which has been dubbed « Mutagen Astronomy, » […]

Since its discovery early this year, the Hide and Seek IoT botnet has been increasing its infection capabilities with new vectors. The latest samples look for Android devices with the wireless debugging feature enabled. While IoT botnets appear and go away on a daily basis, Hide and Seek first attracted attention […]

Recently was discovered Android banking Trojan available on Google Play with more than 10,000 installs. This infiltration was capable of luring user’s banking credentials and send them to the attacker. Trojan was also capable of bypassing SMS two factor authentication. Based on analysis, app targeted German, Polish and Czech banks. […]

Malware authors continue to upload malicious apps contains hidden Cryptomining Script to Google play, even though it was entirely banned. Attackers uploaded apps poses as games, utilities, and educational apps contain hidden cryptomining scripts. SophosLabs spotted more than 25 malicious apps that contain hidden coinhive cryptomining scripts turning victims device into […]

New Adwind 3.0 RAT (Remote access Trojan) Evolving with new sophisticated capabilities, unlike old version it mainly attacks desktop version of  Linux, Windows and Mac OSX using DDE code injection technique. Attackers are using weaponized Microsoft Office documents to compromise the targeted victims and also new capabilities that able to avoid detection […]

Malicious apps can trivially thwart Mojave 10.14’s new privacy protections. A zero-day vulnerability in the brand-new version of the Apple Mojave macOS has been uncovered, which would allow an attacker to access private and confidential information by using an unprivileged app. The flaw was uncovered by Patrick Wardle, co-founder of […]

A new version of GandCrab Ransomware released, as like the previous version it was not distributed through exploit kits. The distribution method of GandCrab v5 is currently unknown, the new version appends a random 5 character extension on the encrypted files and creates HTML ransom note. Gandcrab Ransomware is a […]

Another fashion retailer suffered a data breach, the victim is SHEIN that announces the security breach affected 6.42 million customers. The retailer hired a forensic cybersecurity firm as well as an international law firm to investigate the security breach. SHEIN is now notifying affected users and it is urging them […]