Remove 09
Remove 2020 Remove Data Remove Information Security Remove Security
article thumbnail

CISA urges to fix actively exploited Firefox zero-days by March 21

Security Affairs

Cybersecurity and Infrastructure Security Agency (CISA) added recently disclosed Firefox zero-days to its Known Exploited Vulnerabilities Catalog. The post CISA urges to fix actively exploited Firefox zero-days by March 21 appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

article thumbnail

Ransomware en masse on the wane: top threats inside web-phishing in H1 2020

Security Affairs

Singapore, 09/18/2020 — Group-IB , a global threat hunting and intelligence company headquartered in Singapore, evidenced the transformation of the threat portfolio over the first half of 2020. Secure web- phishing. Secure web- phishing. Opened email lets spy in.

Phishing 109
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Google fixes the second zero-day in Chrome in 2 weeks actively exploited

Security Affairs

Google released Chrome 86.0.4240.183 for Windows, Mac, and Linux to fix 10 security vulnerabilities, including an RCE zero-day exploited in the wild. The zero-day flaw was discovered on October 29, 2020 by Google white-hat hacker Samuel Groß of Google Project Zero and Clement Lecigne of Google’s Threat Analysis Group.

Libraries 113
article thumbnail

CVE-2021-3064: Easily exploitable RCE flaw in Palo Alto Networks in GlobalProtect VPN

Security Affairs

“The smuggling capability was not designated a CVE identifier as it is not considered a security boundary by the affected vendor.” Our team was able to gain a shell on the affected target, access sensitive configuration data, extract credentials, and more. 2020-11-19: Randori discovered the buffer overflow vulnerability.

Access 117
article thumbnail

A flaw in GO SMS Pro App allows accessing media messages

Security Affairs

An unpatched security flaw in GO SMS Pro, a popular messaging app for Android with over 100 million installs, exposes media messages. GO SMS Pro is a popular Android messaging app with over 100 million installs, that has been found to be affected by an unpatched security flaw that publicly exposes media transferred between users.

Access 104
article thumbnail

Hacking Nespresso machines to have unlimited funds to purchase coffee

Security Affairs

The vulnerability was disclosed by the security researcher Polle Vanhoof. The Mifare Classic smart card technology is known to be insecure since 2008, when security researchers from Radboud University Nijmegen performed reverse engineering of the chip and published their findings. ” Vanhoof added. Pierluigi Paganini.

article thumbnail

SUPERNOVA, a Backdoor Found While Investigating SolarWinds Hack

Security Affairs

While investigating the recent SolarWinds Orion supply-chain attack security researchers discovered another backdoor, tracked SUPERNOVA. Security experts from Symantec , Palo Alto Networks , and Guidepoint reported that threat actors behind the SolarWinds attack were also planting a.NET web shell dubbed Supernova. Pierluigi Paganini.

Libraries 145