Haythem Elmir

Une vulnérabilité   (0-day) importante a été corrigée à partir de la version 4.9.7 de WordPress. L’exploitation de cette vulnérabilité permettrait à un attaquant authentifié de supprimer des fichiers arbitraires sur le serveur, et d’exécuter du code arbitraire. Un utilisateur ayant des privilèges « auteur » ou supérieurs, pourrait, en supprimant définitivement la vignette d’une image téléversée, […]

FireEye uncovered a large-scale Chinese phishing and hacking campaign powered by Temp.periscope APT aimed at Cambodia’s elections. Security researchers at FireEye have uncovered a large-scale Chinese phishing and hacking campaign aimed at Cambodia’s elections. The hackers distributed a remote access trojan (RAT) and data exfiltration operation targeting the poll. The experts from FireEye attributed the attacks […]

Timehop, an add-on app that reminisces people’s good old days on different social media platforms, has suffered a data breach on  July 4th,  that affected 21 million users. The stolen data includes names, email addresses, date of the birth,  and over 4.7 million users phone number that they linked to […]

Leveraging compromised RDP credentials is one of the easiest ways attackers can break into company networks and systems. Unfortunately for all of us, there are a lot of vendors on underground hacker markets that sell those credentials for a laughably small amount of money. Some of these computers are part […]

Intel has confirmed the discovery of at least two more side-channel security vulnerabilities relating to the Spectre family of attacks in its processors, paying out a $100,000 bug bounty to the researchers who discovered them. The latest in a string of hardware-baked security vulnerabilities affecting the majority of the processors […]