The U.S. National Security Agency (NSA) warned that the Sandworm team is exploiting a vulnerability that affects Exim Mail Transfer Agent (MTA) software.In a cybersecurity advisory published on May 28, the NSA revealed that the Sandworm team has been exploiting the Exim MTA security flaw since August 2019.The vulnerability (CVE-2019-10149) first appeared in

The U.S. NSA warns that Russia-linked APT group known as Sandworm Team have been exploiting a critical flaw in the Exim mail transfer agent (MTA). The U.S. National Security Agency (NSA) is warning that Russia-linked APT group tracked Sandworm Team has been exploiting a critical vulnerability (CVE-2019-10149) in the Exim mail transfer agent (MTA) software

Back in October 2019 we detected a classic watering-hole attack on a North Korea-related news site that exploited a chain of Google Chrome and Microsoft Windows zero-days. While we’ve already published blog posts briefly describing this operation (available here and here), in this blog post we’d like to take a deep technical dive into the exploit

byPaul DucklinApple’s latest iOS versions have only been out for a week.The updates are new enough that Apple’s own Security updates page still lists [2020-05-26T14:00Z] the security holes that were fixed in iOS 13.5 and iOS 12.4.7 as “details available soon”.But there’s a jailbreak available already for iOS 13.5, released by th

byLisa VaasWhen work-from-home became a sudden, urgent need in March, many organizations slapped together cloud-collaboration services such as Microsoft Office 365 for their newly locked-down staff.Unfortunately and understandably, pressure was high. People were scrambling. Thus did a number of those services get put together with a wing, a prayer, and misco

While a massive flood of attacks has yet to materialize, cybersecurity experts say this could be the calm before the storm.The oil and gas industry has been taking a beating as severe as any other hit hard by the COVID-19 shutdown. Tanker ships loaded with crude idle in the ocean, traders struggle to store what has already been pumped, and last week prices p

Nowadays, Bluetooth is an integral part of mobile devices. Smartphones interconnect with smartwatches and wireless headphones. By default, most devices are configured to accept Bluetooth connections from any nearby unauthenticated device. Bluetooth packets are processed by the Bluetooth chip (also called a controller), and then passed to the host (Android, L

Hi,regardless of being a deprecated technology, there are still many legacy applications relying on java applets out there. A bit of time ago we were involved in an atypical web application penetration test.The difficulty consisted in the fact that the java serialized payload responsible for triggerring the vulnerability was located inside the authenticated

IBM X-Force researchers spotted a new COVID-19-themed campaign spreading the infamous TrickBot trojan through fake messages. IBM X-Force researchers uncovered a new COVID-19-themed campaign that is spreading the infamous TrickBot trojan through fake messages. The spam messages pretend to be sent by the Department of Labor’s Family and Medical Leave Act

Millions of people have moved onto the Zoom video-conferencing platform as the Coronavirus pandemic has forced them to work from their homes.According to Zoom’s own statistics, its daily usage has soared from approximately 10 million daily users in December to over 200 million today. And although Zoom must be pleased to see so many more people using it

Hackers are selling two zero-day exploits for critical issues affecting the video conferencing software Zoom that would allow attackers to spy on communications. Hackers are offering for sale an exploit for a zero-day remote code execution vulnerability affecting the Windows client for Zoom. The zero-day exploit goes for $500,000, hackers are also offeri

Microsoft Patch Tuesday security updates for April 2020 address 113 flaws, including three Windows issues that have been exploited in attacks in the wild. Microsoft Patch Tuesday security updates for April 2020 address 113 flaws, including two remote code execution flaws in Windows that are actively exploited. 17 vulnerabilities are rated critical, the

Microsoft’s Update Tuesday patches for April 2020 address 113 vulnerabilities, including three Windows flaws that have been exploited in attacks for arbitrary code execution and privilege escalation.Microsoft has patched two actively exploited remote code execution vulnerabilities related to the Adobe Type Manager Library. Despite its name, this library is e

While shelter in place has left many companies struggling to stay in business during the COVID-19 epidemic, one company in particular has seen its fortunes rise dramatically. Zoom, the US-based maker of teleconferencing software, has become the web conference tool of choice for employees working from home (WFH), friends coming together for virtual happy hour

<p><span style="background-color: transparent;">In recent efforts to deliver attacks that abuse the novel coronavirus, threat actors are exploiting workplace concerns about outbreak prevention and shipment delays. Below are two examples sent with the intent of delivering malware.&nbsp;</span></p> <p><i>We are provid