Flaw in SOLEO IP Relay Service potentially exposed over 30 million Canadian records

Major Internet service providers (ISPs) in Canada were impacted by a local file disclosure flaw in the SOLEO IP Relay service that was recently addressed. Almost all major Internet service providers (ISPs) in Canada were impacted by a local file disclosure vulnerability in the SOLEO IP Relay service that was recently addressed. Telecommunications relay services (TRSs) developed by Soleo […]

The post Flaw in SOLEO IP Relay Service potentially exposed over 30 million Canadian records appeared first on Security Affairs.

CSE-News / 19 Ago 2018

Twitch bug may have exposed some users messages to others

A glitch in the live streaming platform Twitch may have exposed some of its users’ private messages to other users. The company is notifying affected users. The live streaming platform Twitch warning users that a glitch may have exposed some of their private messages to other users. The company sent out the notifications to some broadcasters informing them that […]

The post Twitch bug may have exposed some users messages to others appeared first on Security Affairs.

CSE-News / 19 Ago 2018

Malware researcher reverse engineered a threat that went undetected for at least 2 years

The popular malware researchers Marco Ramilli has analyzed a malware that remained under the radar for more than two years. Today I’d like to share the following reverse engineering path since it ended up to be more complex respect what I thought. The full path took me about hours work and the sample covers many […]

The post Malware researcher reverse engineered a threat that went undetected for at least 2 years appeared first on Security Affairs.

CSE-News / 19 Ago 2018

Unusual Malspam campaign targets banks with Microsoft Publisher files

Researchers from Trustwave have uncovered a malspam campaign targeting banks with the FlawedAmmyy RAT. The peculiarity of this malspam campaign is the unusual use of a Microsoft Office Publisher file to infect victims’ systems. Experts noticed an anomalous spike in the number of emails with a Microsoft Office Publisher file (a .pub attachment) and the subject line, “Payment Advice,” that was sent to domains belonging […]

The post Unusual Malspam campaign targets banks with Microsoft Publisher files appeared first on Security Affairs.

CSE-News / 19 Ago 2018

Security Affairs newsletter Round 176 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! ·      DNS Hijacking targets Brazilian financial institutions ·      […]

The post Security Affairs newsletter Round 176 – News of the week appeared first on Security Affairs.

CSE-News / 18 Ago 2018

North Korea-linked Dark Hotel APT leverages CVE-2018-8373 exploit

The North Korea-linked Dark Hotel APT group is leveraging the recently patched CVE-2018-8373 vulnerability in the VBScript engine in attacks in the wild. The vulnerability affects Internet Explorer 9, 10 and 11, it was first disclosed last month by Trend Micro and affected all supported versions of Windows. The flaw could be exploited by remote attackers […]

The post North Korea-linked Dark Hotel APT leverages CVE-2018-8373 exploit appeared first on Security Affairs.

CSE-News / 18 Ago 2018

China’s Belt and Road project (BRI) is a driver of regional cyber threat activity

Security experts have observed increasing cyber espionage activity related to China’s Belt and Road Initiative (BRI). The alarm was launched by the experts from cybersecurity firms FireEye and Recorded Future. China’s Belt and Road Initiative (BRI) is a development project for the building of an infrastructure connecting countries in Southeast Asia, Central Asia, the Middle East, Europe, […]

The post China’s Belt and Road project (BRI) is a driver of regional cyber threat activity appeared first on Security Affairs.

CSE-News / 18 Ago 2018

2.6 billion records exposed in 2,308 disclosed data breaches in H1

According to a report from cyber threat intelligence firm Risk Based Security some 2.6. billion data records have been exposed in data breached in the first half of 2018. According to a new report titled “Mid-Year 2018 Data Breach QuickView” published by the cyber threat intelligence company Risk Based Security some 2.6. billion data records have been exposed […]

The post 2.6 billion records exposed in 2,308 disclosed data breaches in H1 appeared first on Security Affairs.

CSE-News / 17 Ago 2018

Marap modular downloader opens the doors to further attacks

Researchers discovered a new modular downloader, tracked as Marap malware, that is being used in large campaigns targeting financial institutions. Researchers from Proofpoint have spotted a new modular downloader in large campaigns targeting financial institutions, experts believe the malicious code could be used to deliver additional malware in future attacks. Earlier August, Proofpoint reported several […]

The post Marap modular downloader opens the doors to further attacks appeared first on Security Affairs.

CSE-News / 17 Ago 2018

An Australian schoolboy hacked into Apple Servers and stole 90GB of secure files

According to Australian media, a teen hacker broke into Apple mainframe and downloaded 90GB of secure files. He dreams to work for the Tech Giant. I believe it is time for Apple to hire an Australian 16-year old schoolboy who hacked its computer systems. Yes, it is not a joke, according to Australian media the teen […]

The post An Australian schoolboy hacked into Apple Servers and stole 90GB of secure files appeared first on Security Affairs.

CSE-News / 16 Ago 2018