Microsoft fixed the Zero-Day for JET flaw, but the fix is incomplete

Haythem Elmir

Experts from 0Patch revealed that the Microsoft Zero-Day Patch for JET Database Engine vulnerability (CVE-2018-8423) is incomplete. The vulnerability was discovered by the researcher Lucas Leong of the Trend Micro Security Research team that publicly disclosed an unpatched zero-day vulnerability in all supported versions of Microsoft Windows. The flaw is an out-of-bounds (OOB) write in […]

Facebook a confirmé que les hackers ont volé des données personnelles détaillées de 14 millions de personnes

Haythem Elmir

Le 28 septembre dernier, Facebook annonçait le piratage d’environ 50 millions de comptes dans une attaque considérée comme étant la plus importante de l’histoire du réseau social. Selon Facebook, les attaquants ont exploité une vulnérabilité de sécurité résultant de l’interaction de trois bogues distincts sur deux fonctionnalités du réseau social, à savoir, […]

GPlayed Trojan – .Net playing with Google Market

Haythem Elmir

Introduction In a world where everything is always connected, and mobile devices are involved in individuals’ day-to-day lives more and more often, malicious actors are seeing increased opportunities to attack these devices. Cisco Talos has identified the latest attempt to penetrate mobile devices — a new Android trojan that we […]

Hackers Exploit Drupalgeddon2 to Install Backdoor

Haythem Elmir

A threat actor was observed targeting Drupal vulnerabilities patched earlier this year to install a backdoor on compromised servers, IBM reports. The hackers target CVE-2018-7600, or Drupalgeddon2, a critical vulnerability found to impact Drupal versions 6, 7 and 8, but which was addressed in March this year. Assigned a risk score […]