Industry News
-
Weekly News Digest #9
New Chrome 0-day Under Active Attacks – Update Your Browser Now The new Chrome Zero-day vulnerability is actively exploited by the intruders. So Google is urgently notifying all users to update their browsers. Tracked as CVE-2020-15999, the actively exploited vulnerability is a type of memory-corruption flaw called heap buffer overflow in Freetype, a popular open-source
-
Weekly News Digest #8
800,000 SonicWall VPNs vulnerable to new remote code execution bug Over 800,000 internet-accessible SonicWall VPN appliances are vulnerable to CVE-2020-5135, a critical bug with a rating of 9.4 out of 10. It is assumed to happen under active exploitation once proof-of-concept code is made publicly available. Link here Barnes & Noble Hack: A Reading List
-
Weekly News Digest #7
Hackers claim they can now jailbreak Apple’s T2 security chip Last week security researchers have published the information about security flaws they’ve found in the Apple T2 security chip, which provides security features for iPhone, Mac, and MacBook devices. That allows attackers to gain full control of these devices and modify their OS. Potentially, it
-
Weekly News Digest #6
Microsoft Windows XP Source Code Reportedly Leaked Online The source code of one of the most popular Operating Systems in the past, Windows XP, was leaked. 43 Gbs of source code related to the XP family was published on torrent trackers. Last week some enthusiasts built Windows Server 2003 operating system from sources, so if
-
Weekly News Digest #5
Ransomware attack at a German hospital leads to the death of a patient A man had a life-threatening condition and passed away after being forced to go to a more distant hospital because the nearest hospital was under a ransomware attack. German police contacted the ransomware operators via the ransom note instructions and explained that
-
Weekly news digest #4
Friday is a great day to wrap up some of the biggest news in the cybersecurity world. Top 5 most interesting news and research from the past week. Hackers Steal $5.4 Million From Crypto Exchange Eterbase Eterbase cryptocurrency exchange platform this week announced that hackers breached its systems and stole $5.4 million. During the attack,
-
Friday news digest #2
Friday is a great day to wrap up some of the biggest news in the cybersecurity world. Top 5 most interesting news and research from the past week. APT Hackers Exploit Autodesk 3ds Max Software for Industrial Espionage APT Groups starts to infiltrate the company using a tainted and specially crafted plugin for Autodesk 3ds
-
Friday News Digest #1
Friday is a great day to wrap up some of the biggest news in the cybersecurity world. Starting this week, we will be posting the top 5 most important news and research from the past week. How Hackers Bled 118 Bitcoins Out of Covid Researchers in U.S. Highly skilled hackers were able to plot a
-
Microsoft to reward up to $40,000 on Azure Bug Bounty Program
Infrastructure As A Service (IaaS) attacks is an IT department’s worst nightmare. Imagine a cybercriminal planting a backdoor inside your server, at which point they can consistently use to discreetly steal data. Furthermore, this does not only affect the bare-metal server as this backdoor will remain intact as the cloud infrastructure goes from one customer
-
90+ Cryptocurrency Exchanges are in Danger Because of the Outdated Library
# Intro Crypto exchanges are the banks of the future, accumulating and operating with large amounts of clients’ funds and, due to the KYC process, are responsible for handling a considerable amount of sensitive data. Therefore, security is a serious issue that should be addressed in advance. We’ve decided to make a research regarding vulnerability
-
DATA: The Path to a Mature Crypto Industry
It is no secret that the crypto industry is still in its infancy. Lack of governmental regulation and industry rules has created a space for unfair players to use unethical and sometimes fraudulent techniques to gain an advantageous market position. One of the areas of major concern is trading volume numbers that are reported by
-
French data revolution – millions of records exposed by a job agency
On the 21st of December 2018, while researching another output of Shodan search results, we discovered an unprotected Elasticsearch cluster exposing millions of records with very sensitive data. The names of the indexes and their content left no doubt as to the owner of data – an “online temp agency” known as MisterTemp – which
Subscribe to Hacken emails
Enter your email and be the
first to know all the news posted on Hacken Research
