HackDig : Dig high-quality web security articles

Security Affairs newsletter Round 310

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Is the recent accident at Iran Natanz nuclear plant a cyber attack?Joker malware infected 538,000 Huawei Android devicesPersonal data of 1.3 million Clubhouse users leaked onlineFitch Ratings: Cyberattac
Publish At:2021-04-18 08:21 | Read:88 | Comments:0 | Tags:Breaking News data breach Hacking hacking news information s

Is BazarLoader malware linked to Trickbot operators?

Experts warn of malware campaigns delivering the BazarLoader malware abusing popular collaboration tools like Slack and BaseCamp. Since January, researchers observed malware campaigns delivering the BazarLoader malware abusing popular collaboration tools like Slack and BaseCamp. The campaigns aimed at employees of large organizations, the messages attempt
Publish At:2021-04-18 07:49 | Read:101 | Comments:0 | Tags:Breaking News Cyber Crime Malware BazarLoader malware Hackin

Google Project Zero updates vulnerability disclosure policy moving to a “90+30” model

Google Project Zero security team has updated its vulnerability disclosure policy, it gives users 30 days to patch flaws before disclosing associated technical details. The Google Project Zero security team announced an update to its vulnerability disclosure policy, it could include additional 30 days to the disclosure process for some bugs to give end-us
Publish At:2021-04-17 15:20 | Read:107 | Comments:0 | Tags:Breaking News Security Google Hacking hacking news informati

6 out of 11 EU agencies running Solarwinds Orion software were hacked

SolarWinds supply chain attack also impacted six European Union institutions, European Commissioner for Budget and Administration confirmed. European Commissioner for Budget and Administration Johannes Hahn confirmed the hack of some EU agencies as result of the SolarWinds supply chain attack in a response to a question filed by an EU Parliament member in
Publish At:2021-04-17 04:24 | Read:160 | Comments:0 | Tags:Breaking News Hacking EU hacking news information security n

Critical RCE can allow attackers to compromise Juniper Networks devices

Cybersecurity provider Juniper Networks addressed a critical vulnerability that could be exploited by attackers to remotely hijack or disrupt vulnerable devices. Cybersecurity vendor Juniper Networks addressed a critical vulnerability in Junos OS, tracked as CVE-2021-0254, that could allow an attacker to remotely hijack or disrupt affected devices. This f
Publish At:2021-04-16 16:39 | Read:161 | Comments:0 | Tags:Breaking News Security DOS Hacking hacking news information

Russia-linked APT SVR actively targets these 5 flaws

The US government warned that Russian cyber espionage group SVR is exploiting five known vulnerabilities in enterprise infrastructure products. The U.S. National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) have published a joint advisory that warns that Russia-linked APT
Publish At:2021-04-16 08:49 | Read:210 | Comments:0 | Tags:Breaking News Cyber warfare Hacking hacking news information

US Gov sanctions Russia and expels 10 diplomats over SolarWinds hack

The U.S. and UK attributed with “high confidence” the recently disclosed supply chain attack on SolarWinds to Russia’s Foreign Intelligence Service (SVR). The U.S. and U.K. attributed with “high confidence” the supply chain attack on SolarWinds to operatives working for Russia’s Foreign Intelligence Service (SVR) (ska A
Publish At:2021-04-15 21:04 | Read:192 | Comments:0 | Tags:Breaking News Cyber warfare Hacking hacking news information

April 2021 Security Patch Day fixes a critical flaw in SAP Commerce

April 2021 Security Patch Day includes 14 new security notes and 5 updates to previously released notes, one of them fixes a critical issue in SAP Commerce. April 2021 Security Patch Day includes 14 new security notes and 5 updates to previously released ones, among the issues addressed by the software giant there is a critical flaw in SAP Commerce. &#
Publish At:2021-04-15 09:19 | Read:165 | Comments:0 | Tags:Breaking News Security Hacking hacking news information secu

For the second time in a week, a Google Chromium zero-day released online

For the second time in a week, a Chromium zero-day remote code execution exploit code has been released on Twitter, multiple browsers impacted. A new Chromium zero-day remote code execution exploit has been released on Twitter this week, kile the previous one that affects current versions of Google Chrome, Microsoft Edge, and likely other Chromium-based b
Publish At:2021-04-15 04:38 | Read:157 | Comments:0 | Tags:Breaking News Hacking Chrome Chromium zero-day hacking news

WhatsApp flaws could have allowed hackers to remotely hack mobile devices

WhatsApp addressed two security vulnerabilities in its app for Android that could have been exploited to remotely hack the victim’s device. WhatsApp recently addressed two security vulnerabilities in its app for Android that could have been exploited by remote attackers to execute malicious code on a target device and potentially eavesdrop on commun
Publish At:2021-04-14 17:39 | Read:155 | Comments:0 | Tags:Breaking News Hacking Mobile hacking news information securi

FireEye: 650 new threat groups were tracked in 2020

FireEye published its M-Trend 2021 report based on the data collected during the investigation, 650 new threat groups were tracked in 2020 FireEye published its annual report, titled M-Trend 2021, which is based on the data collected during the investigation on security incidents it managed. Most of the incidents investigated by Mandiant (59%) in 2020 wer
Publish At:2021-04-14 11:40 | Read:174 | Comments:0 | Tags:APT Breaking News Cyber Crime Cyber warfare Reports Hacking

FBI silently removed web shells planted on Microsoft Exchange servers in the US

FBI log into web shells that hackers installed on Microsoft Exchange email servers across the US and removed the malicious code used by threat actors. A US judge granted the FBI the power to log into web shells that were injected by nation-state hackers on Microsoft Exchange servers across the US and remove the malware, announced the US Department of Just
Publish At:2021-04-14 06:26 | Read:145 | Comments:0 | Tags:Breaking News Malware Hacking hacking news information secur

Sweden blames Russia for Swedish Sports Confederation hack

The Swedish Sports Confederation organization was compromised in 2017-18 by hackers working for Russian military intelligence, officials said. The Swedish Sports Confederation is the umbrella organisation of the Swedish sports movement, it was hacked by Russian military intelligence in a campaign conducted between December 2017 and May 2018, officials sai
Publish At:2021-04-14 02:31 | Read:125 | Comments:0 | Tags:Breaking News Cyber warfare Intelligence GRU Hacking hacking

Microsoft fixes 2 critical Exchange Server flaws reported by the NSA

Microsoft patch Tuesday security updates address four high and critical vulnerabilities in Microsoft Exchange Server that were reported by the NSA. Microsoft patch Tuesday security updates released today have addressed four critical and high severity vulnerabilities in Exchange Server (CVE-2021-28480, CVE-2021-28481, CVE-2021-28482, CVE-2021-28483), some
Publish At:2021-04-13 18:09 | Read:167 | Comments:0 | Tags:Uncategorized Hacking hacking news information security news

Adobe addresses two critical vulnerabilities in Photoshop

Adobe has addressed security vulnerabilities in Adobe Photoshop, Adobe Digital Editions, Adobe Bridge, and RoboHelp. Adobe has fixed ten security vulnerabilities in Adobe Photoshop, Adobe Digital Editions, Adobe Bridge, and RoboHelp. Seven vulnerabilities have been rated as critical, some of them could be exploited by remote attackers to execute arbitr
Publish At:2021-04-13 14:14 | Read:94 | Comments:0 | Tags:Breaking News Security Adobe Hacking hacking news informatio

Keywords