Remove 09
Remove 2019 Remove Data Remove Information Security Remove Security
article thumbnail

CISA urges to fix actively exploited Firefox zero-days by March 21

Security Affairs

Cybersecurity and Infrastructure Security Agency (CISA) added recently disclosed Firefox zero-days to its Known Exploited Vulnerabilities Catalog. The post CISA urges to fix actively exploited Firefox zero-days by March 21 appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

article thumbnail

Zero-day vulnerability in Android OS yet to be patched

Security Affairs

” reads the security advisory published by ZDI. ” The vulnerability resides in the way the Video for Linux (V4L2) driver handles input data, it could be exploited by an attacker to elevate permissions to kernel level. The post Zero-day vulnerability in Android OS yet to be patched appeared first on Security Affairs.

Access 78
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Ransomware en masse on the wane: top threats inside web-phishing in H1 2020

Security Affairs

Singapore, 09/18/2020 — Group-IB , a global threat hunting and intelligence company headquartered in Singapore, evidenced the transformation of the threat portfolio over the first half of 2020. Secure web- phishing. Opened email lets spy in. These findings confirm adversaries’ growing interest in Big Game Hunting. Pandemic chronicle.

Phishing 109
article thumbnail

Recently a large chunk of European mobile traffic was rerouted through China Telecom

Security Affairs

In November security researchers Chris C. The BGP route leak involved the Swiss data center of the company Safe Host that accidentally leaked over 70,000 routes from its routing table to the Chinese ISP. The post Recently a large chunk of European mobile traffic was rerouted through China Telecom appeared first on Security Affairs.

Paper 111
article thumbnail

Salesforce faced one of its biggest service disruption of ever

Security Affairs

. “One of our projects had all its profiles modified to enable modify all, allowing all users access to all data.” Salesforce customers have been unable to access the service since 09:56 PDT (16:56 UTC) on Friday. Salesforce customers have been unable to access the service since 09:56 PDT (16:56 UTC) on Friday.

IT 95
article thumbnail

Brazilian trojan banker is targeting Portuguese users using browser overlay

Security Affairs

One of the last occurrences was last December 2019, where the Lampion trojan operated in a very similar way, changing only the way the malware was distributed (via AWS S3 buckets and with the first stage encoded in a highly obfuscated VBS file). After that, the infected computer is restarted to make the trojan persistent.

article thumbnail

[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle

Security Affairs

In February 2019, SI-LAB captured multiple samples of phishing campaigns using an Office Excel document carrying a malicious Excel 4.0 This is part of a giant list of Living off the Land (LOL) techniques that attackers employ to mask their activities from runtime endpoint security monitoring tools such as AVs. Technical Analysis.