Un ransomware ? Une attaque par mawlare a impacté l’impression et la distribution de plusieurs grands journaux américains. Ce n’est pas une panne serveur, mais bel et bien une attaque par malware qui a perturbé ce week-end la distribution de journaux américains. Parmi les journaux concernés, le Los Angeles Times, le […]
Hacking
Over 19,000 Orange Livebox ADSL modems leak WiFi credentials
Threat actors are attempting to exploit a flaw in Orange LiveBox ADSL modems to retrieve their SSID and WiFi password in plaintext. Threat actors in the wild are attempting to exploit a vulnerability in LiveBox ADSL modems from Orange, the issue could be triggered to retrieve their SSID and WiFi […]
Information Disclosure flaw allows attackers to find Huawei routers with default credentials
Some models of Huawei routers are affected by a flaw that could be exploited by attackers to determine whether the devices have default credentials or not. Ankit Anubhav, a principal researcher at NewSky Security, discovered a vulnerability in some models of Huawei routers that could be exploited by attackers to determine whether […]
Cisco ASA is affacted by a privilege escalation flaw. Patch it now!
Cisco ASA is affacted by a privilege escalation flaw. Patch it now! Cisco Adaptive Security Appliance (ASA) Software is affected by a vulnerability that could be exploited by an attacker to retrieve files or replace software images on a device. A privilege escalation vulnerability tracked as CVE-2018-15465 affects the Cisco […]
Hacker Discloses New Unpatched Windows Zero-Day Exploit On Twitter
Hacker Discloses New Unpatched Windows Zero-Day Exploit On Twitter A security researcher with Twitter alias SandboxEscaper today released proof-of-concept (PoC) exploit for a new zero-day vulnerability affecting Microsoft’s Windows operating system. SandboxEscaper is the same researcher who previously publicly dropped exploits for two Windows zero-day vulnerabilities, leaving all Windows users vulnerable to […]
New Malware Takes Commands From Memes Posted On Twitter
New Malware Takes Commands From Memes Posted On Twitter Security researchers have discovered yet another example of how cybercriminals disguise their malware activities as regular traffic by using legitimate cloud-based services. Trend Micro researchers have uncovered a new piece of malware that retrieves commands from memes posted on a Twitter account controlled […]
phpMyAdmin Releases Critical Software Update — Patch Your Sites Now!
phpMyAdmin Releases Critical Software Update — Patch Your Sites Now! Developers of phpMyAdmin, one of the most popular and widely used MySQL database management systems, today released an updated version 4.8.4 of its software to patch several important vulnerabilities that could eventually allow remote attackers to take control of the […]
Microsoft Issues Patch for Windows Zero-Day Flaw Under Active Attack
Microsoft Issues Patch for Windows Zero-Day Flaw Under Active Attack Microsoft today, on its year-end December Patch Tuesday, released security updates to patch a total 39 vulnerabilities its Windows operating systems and applications—10 of which are rated as critical and other important in severity. One of the security vulnerabilities patched […]
New Facebook Bug Exposed 6.8 Million Users Photos to Third-Party Apps
New Facebook Bug Exposed 6.8 Million Users Photos to Third-Party Apps Facebook’s latest screw-up — a programming bug in Facebook website accidentally gave 1,500 third-party apps access to the unposted Facebook photos of as many as 6.8 million users. Facebook today quietly announced that it discovered a new API bug in its […]
WordPress version 5.0.1 addressed several vulnerabilities
This week, the WordPress development team released on Thursday the version 5.0.1 of the popular CMS, that addresses several flaws. The Researcher Tim Coen discovered several cross-site scripting (XSS) vulnerabilities in the CMS. One of the flaws is caused by the ability of contributors to edit new comments from users with higher […]