Hacking

Linux kernel maintainers have rolled out security updates for two DoS vulnerabilities tracked as SegmentSmack and FragmentSmack. Linux kernel maintainers have released security patches that address two vulnerabilities, tracked as two bugs are known as SegmentSmack (CVE-2018-5390) and FragmentSmack (CVE-2018-5391). potentially exploitable to trigger a DoS condition. The vulnerabilities reside the Linux kernel’s […]

A new privilege escalation vulnerability with Cortana allows an attacker with physical access to do unauthorized browsing on the locked system. Security researchers form Mcafee observed two different scenario’s, in the first scenario attackers, can force Microsoft Edge browser to navigate to the URL hosted in attacker’s server, with the second case […]

DDoS attack volumes have increased by 50% to an average of 3.3 Gbps during May, June and July 2018, compared to 2.2 Gbps during the previous quarter, according to Link11. Attacks are also becoming increasingly complex, with 46% of incidents using two or more vectors. While attack volumes increased, researchers recorded a […]

Piping botnet – Israeli researchers warn of a potential distributed attack against urban water services that uses a botnet of smart irrigation systems that water simultaneously. Ben-Gurion University of the Negev (BGU) cyber security researchers warn of a potential distributed attack against urban water services that uses a botnet of […]

Fake emails targeting Office 365 users via malicious links inserted into SharePoint documents are the latest trick phishers employ to bypass the platform’s built-in security, Avanan researchers warn. The cloud security company says that the phishing attack was leveraged against some 10% of its Office 365 customers in the past […]

Dans le cadre de notre partenariat avec Intel, nous avons été informés de la découverte d’un vecteur exploitant les failles de type « attaques par canal auxiliaire d’exécution spéculative » (speculative execution side-channel attaks). Cette nouvelle vulnérabilité,  L1 Terminal Fault (L1TF), ou Foreshadow, est donc apparentée aux failles Spectre et Meltdown dévoilées […]

The Btlejacking Attack allows taking control over any Bluetooth Low Energy device, the attack abuses supervision timeout between two connected devices. The supervision timeout defines the time after which the connection is if no valid packets have been received. Security researcher Damien Cauquil reveal the attack on Aug. 11 Defcon hacker conference […]