Siemens disclosed several vulnerabilities in some of its SICLOCK central plant clocks, including ones that have been rated as “critical.” Siemens is warning of the presence of six vulnerabilities in some of its SICLOCK central plant clocks that used to synchronize time in industrial environments. “In the event of failure or […]
Haythem Elmir
GandCrab V4 Released With the New .KRAB Extension for Encrypted Files
Over the weekend, the GandCrab V4 Ransomware was released with numerous changes. These changes include a different encryption algorithms, a new .KRAB extension, a new ransom note name, and a new TOR payment site. Unfortunately, at this time, victims of GandCrab v4 cannot decrypt their files for free. As always if you wish to discuss […]
How Scammers Use Google for Business Email Compromise
Several companies have made online productivity solutions like G Suite from Google the preferred option for business computing. It’s incredibly convenient and usually inexpensive for anyone from solo operations through large enterprises to replace physical machines and all the maintenance that comes with the territory with options like Gmail and […]
OSX.Dummy Mac Malware Targets Cryptocurrency Users on Slack and Discord Channels
Security researchers have spotted a new Mac malware family that’s currently being advertised on cryptocurrency-focused Slack and Discord channels. The malware’s existence came to light last week when it was discovered by Remco Verhoef, an ISC SANS handler and founder of DutchSec. Verhoef says he spotted crooks, posing as admins, […]
Facebook is notifying 800,000 users affected by a blocking bug
Yesterday the social network giant Facebook started notifying 800,000 users affected by a blocking bug. The company has already fixed it. When a Facebook user blocks someone, the blocked user will be not able to interact with him, this means that he will not see his posts, it will not able to start […]
Cryptocurrency users on Discord & Slack hit by MacOS malware
Hackers Are Using A New MacOS Malware Aimed At Cryptocurrency Investors On Discord And Slack Group Chat Communities. The malware was initially discovered by an IT security expert Remco Verhoef and later analyzed by Patrick Wardle, a former NSA white hat hacker and malware researcher. Dubbed OSX.Dummy; the malware has been developed in […]
Microsoft revealed that 2 Zero-Days found in March were part of a cyber weapon in an early development stage
Microsoft published technical details of 2 zero-days that have been recently discovered after someone uploaded a weaponized PDF file to VirusTotal. Security researchers from Microsoft have published technical details of two zero-day vulnerabilities that have been recently discovered after someone uploaded a weaponized PDF file to VirusTotal. The two issues […]
Trezor users targeted by phishing attacks, experts blame DNS Poisoning or BGP Hijacking
The maintainers of the Trezor multi-cryptocurrency wallet service reported a phishing attack against some of its users that occurred during the weekend. The attack appears more complex respect a simple phishing campaign, hackers may have powered a DNS poisoning attack or a BGP hijacking to redirect users to a rogue phishing site that mimic […]
Facebook Admits Sharing Users’ Data With 61 Tech Companies
Facebook has admitted that the company gave dozens of tech companies and app developers special access to its users’ data after publicly saying it had restricted outside companies to access such data back in 2015. It’s an unusual clear view of how the largest social networking site manages your personal […]
UNE NOUVELLE VULNÉRABILITÉ A ÉTÉ IDENTIFIÉE DANS WORDPRESS
Une vulnérabilité dans le filtrage des entrées d’utilisateurs authentifiés a été identifiée dans WordPress. Elle impacte toutes les versions de WordPress, y compris l’actuelle, 4.9.6, et son exploitation permettrait d’exécuter du code arbitraire. Le problème a été signalé il y a 7 mois à l’équipe de sécurité de WordPress mais reste […]