Apple released a patch for macOS High Sierra 10.13 that address also a flaw in Apple file system that exposes encrypted drive’s password in the hint box. Apple yesterday released a security patch for macOS High Sierra 10.13 to fix vulnerabilities in the Apple file system (APFS) volumes and Keychain software. The vulnerability in […]
Hacking
Hackers of Russia Stole NSA’s Secrets using Kaspersky antivirus
The report may well be valid, but, for now, there’s no way to individually confirm it. The statement is based on unnamed personalities the publication says had an understanding of the matter, and it provides no data to back its claim. What’s more, the lack of particular leaves opens the […]
Code Execution flaw patched in Apache Tomcat
Several security vulnerabilities have been patched in recent weeks in Apache Tomcat, including the CVE-2017-12617 Code Execution vulnerability. Several security vulnerabilities have been patched in recent weeks in Apache Tomcat. The list of fixed flaws recently addressed also included code execution vulnerabilities. Apache Tomcat is the most widely used web application server, […]
It’s 3 Billion! Yes, Every Single Yahoo Account Was Hacked In 2013 Data Breach
The largest known hack of user data in the history just got tripled in size. Yahoo, the internet company that’s acquired by Verizon this year, now believes the total number of accounts compromised in the August 2013 data breach, which was disclosed in December last year, was not 1 billion—it’s 3 Billion. Yes, […]
Google’s Security Research Team Identifies and Fixes 7 Vulnerabilities in Dnsmasq
Regardless of what you may think of Google as a company, it is difficult to criticize their prolific and in-depth security research. The latest example is their disclosure of seven distinct issues in the Dnsmasq software package. From the authors’ website, “Dnsmasq provides network infrastructure for small networks: DNS, DHCP, router advertisement and network […]
According to Kaspersky Lab, sixty percent of institutions in Saudi Arabia have experienced malware-based attacks over the past 12 months.
Malware continues to be one of the most dangerous threats for organizations worldwide, and data recently disclosed by security firms. According to Kaspersky Lab, Saudi Arabia is under a constant malware-based attack, the experts reported that sixty percent of institutions in the country were hit by malicious code attacks and malware […]
Kazakhstan Banks hit by massive DDoS attack
According to local media, several banks in the country have faced a massive DDoS(Distributed Denial of Service) attacks over the past few days. The attack traffic came from several countries at the same time. As a result, bank websites were unavailable for a certain time. One of the affected bank […]
Industrial computer systems increasingly targeted by hackers, warns Kaspersky
Companies in the manufacturing, industrial and infrastructure sectors have been warned to tighten up their security as industrial control systems increasingly come under sophisticated attacks. The warning comes from security specialist Kaspersky, which has warned that computers used in industry have become prime targets for hackers. Kaspersky says that one […]
Elaborate scripting-fu used in espionage attack against Saudi Arabia Government entity
We recently came across a campaign targeting a Saudi Arabia Government entity via a malicious Word document which at first reminded us of an attack we had previously described on this blog. In our previous research, we detailed how an information stealer Trojan was deployed via a Word macro, in order […]
Apple’s iOS 11 release prevents backdoor exploit on Wi-Fi chips
Apple’s release of iOS 11 patched an out-of-bounds write vulnerability in Wi-Fi chips that, if exploited, could have allowed attackers within range to execute arbitrary code on the firmware. Designated CVE-2017-11120, the bug was discovered by team researcher Gal Beniamini, and is comparable to the Broadpwnvulnerability found in Broadcom chipsets earlier this year. Following Apple’s Sept. […]