Windows malware Slub abuses Slack and GitHub to steal data
Trend Micro researchers say they found a new malware that uses Slack channels, GitHub, and file.io to steal data from Windows PCs. The malware is called Slub and is part of a 'watering hole', which is a type of attack that consists of compromising a website that is probably visited by the target gro... Read more
Citrix victim of hack, potentially large amount of data stolen
Citrix has been the victim of an attack by hackers, in which a large amount of data may have been stolen from customers. That's what Forbes reports. The attack was reported to the company by the FBI on March 6.
The FBI contacted Citrix to report that international cybercriminals were likely to have ... Read more
‘Banking trojan attacks sharply increased in 2018’.
Kaspersky Lab warns of the rise of banking trojans, or bankers. According to the Russian security company, the spread of this malware has increased considerably over the past year. According to the company, a total of almost 900,000 took place in 2018, with fifteen percent more than a year earlier. ... Read more
Cisco advises Nexus switch owners to disable POAP function
Cisco has advised owners of Nexus switches to disable a feature called PowerOn Auto Provisioning (POAP) for security reasons. POAP is now enabled by default in NX-OS, the operating system on Nexus.
POAP is an automatic provisioning and zero-touch deployment feature that helps device owners with the... Read more
CyberArk Labs discovers the possibility of accessing sensitive data via containers
CyberArk Labs has discovered that it is possible for hackers to manipulate so-called defense-in-depth strategies to access sensitive information. Known kernel vulnerabilities can be used in container environments, allowing an attacker to escape to the host.
Security tools for Linux - such as seccomp... Read more
Thunderclap leak makes Thunderbolt computers vulnerable to attacks
A team of researchers has discovered a new vulnerability in Thunderbolt's data transfer specification. The vulnerability is called Thunderclap and can open up computers to serious attacks from otherwise harmless USB-C or DisplayPort hardware.
Thunderclap uses the privileged, direct memory access (D... Read more
New 4G and 5G vulnerabilities allow hackers to intercept calls
A group of scientists found three new security problems in 4G and 5G. According to the scientists, this enables hackers to intercept telephone calls and track the location of smartphone users. That's what TechCrunch reports.
This would be the first time that vulnerabilities affect both 4G and the up... Read more
New Android malware slurps battery and uses a lot of mobile data
New Android malware has been discovered that has a major impact on the battery of an infected device. The malware also uses a lot of mobile data to carry out advertising fraud. DrainerBot spreads through infected apps that have been downloaded millions of times.
The new malware was discovered by Ora... Read more
Code-execution error in WinRAR was 14 years of risk to users
WinRAR, a file compression program for Windows with 500 million users worldwide, has solved a vulnerability of over 14 years old. The vulnerability made it possible for attackers to run rogue code when a target opened a file with a booby trap, reports Ars Technica.
The vulnerability was the result o... Read more
Three largest political parties Australia victim of hack attack
With only a few weeks to go before the elections, Australian Prime Minister Scott Morrison has announced that the country's three largest political parties have been hacked. This is a hack from a party that probably works on behalf of a government, although it is not certain which country and with w... Read more