The British Airways Entertainment System, as installed on Boeing 777-36N(ER) and possibly other aircraft, is affected by a privilege escalation issue tracked as CVE-2019-9019. Experts discovered a critical vulnerability in the British Airways Entertainment System. The flaw is a privilege escalation issue that resides in the component USB Handler, an attacker could exploit […]
Hacking
Malware spam campaign exploits WinRAR flaw to deliver Backdoor
Experts discovered a malspam campaign that is distributing a malicious RAR archive that could exploit the WinRAR flaw to install deliver malware on a computer. A few days ago, security experts at CheckPoint software have disclosed a critical 19-year-old vulnerability in the WinRAR that could be exploited by attackers to gain full […]
New Attacks Against 4G, 5G Mobile Networks Re-Enable IMSI Catchers
At NDSS Symposium 2019, a group of university researchers yesterday revealed newly discovered cellular network vulnerabilities that impact both 4G and 5G LTE protocols. According to a paper published by the researchers, « Privacy Attacks to the 4G and 5G Cellular Paging Protocols Using Side Channel Information, » the new attacks could allow remote […]
Another Critical Flaw in Drupal Discovered — Update Your Site ASAP!
Developers of Drupal—a popular open-source content management system software that powers millions of websites—have released the latest version of their software to patch a critical vulnerability that could allow remote attackers to hack your site. The update came two days after the Drupal security team released an advance security notification of the […]
Warning: Critical WinRAR Flaw Affects All Versions Released In Last 19 Years
Beware Windows users… a new dangerous remote code execution vulnerability has been discovered in the WinRAR software, affecting hundreds of millions of users worldwide. Cybersecurity researchers at Check Point have disclosed technical details of a critical vulnerability in WinRAR—a popular Windows file compression application with 500 million users worldwide—that affects […]
Critical Flaw Uncovered In WordPress That Remained Unpatched for 6 Years
Exclusive — If you have not updated your website to the latest WordPress version 5.0.3, it’s a brilliant idea to upgrade the content management software of your site now. From now, I mean immediately. Cybersecurity researchers at RIPS Technologies GmbH today shared their latest research with The Hacker News, revealing the existence […]
How to Hack Facebook Accounts? Just Ask Your Targets to Open a Link
It’s 2019, and just clicking on a specially crafted URL would have allowed an attacker to hack your Facebook account without any further interaction. A security researcher discovered a critical cross-site request forgery (CSRF) vulnerability in the most popular social media platform that could have been allowed attackers to hijack […]
Over 92 Million New Accounts Up for Sale from More Unreported Breaches
All these numbers…. « More than 5 billion records from 6,500 data breaches were exposed in 2018 » — a report from Risk Based Security says. « More than 59,000 data breaches have been reported across the European since the GDPR came into force in 2018 » — a report from DLA Piper says. […]
Toyota PASTA Car-Hacking Tool will be soon on GitHub
Takuya Yoshida from Toyota’s InfoTechnology Center and his colleague Tsuyoshi Toyama are members of a Toyota team that developed the new tool, called PASTA (Portable Automotive Security Testbed). PASTA is an open-source testing platform specifically designed for car hacking, it was developed to help experts to test cyber security features of […]
Malicious PDF Analysis
In the last few days I have done some analysis on malicious documents, especially PDF. Then I thought, “Why not turn a PDF analysis into an article?” Let’s go to our case study: I received a scan request for a PDF file that was reported to support an antivirus vendor, and it […]