Cybersecurity Highlights

This section registers the most relevant incidents or public events related to the cybersecurity and information and communication technologies (ICT), in a way that a chronological history of them is available, together with their main links, references and information sources.

Post related to: 0day

0day vulnerability exploited in General Bytes

General Bytes, a global provider of Bitcoin ATMs, has been the victim of a cyber-attack that exploited a 0day vulnerability in the CAS (computer algebra system) administrator interface.According to...

References:

generalbytes.atlassian.net

diariobitcoin.com

cointelegraph.com

es.gizmodo.com

businessinsider.es

unaaldia.hispasec.com

Tags:

Twitter confirms a vulnerability that has affected the data of its users

The company Twitter, on an official statement published on its website, from the privacy center, has reported an incident that has allowed the theft of data from some of its user accounts. The...

References:

privacy.twitter.com

abcnews.go.com

economictimes.indiatimes.com

elespanol.com

lavozdegalicia.es

engadget.com

Tags:

Supply-chain cyberattack against Kaseya VSA software

Software company Kaseya, dedicated to offer IT solutions and products to managed service providers (MSP), confirmed that it has been the victim of sophisticated supply-chain cyberattack that...

References:

helpdesk.kaseya.com

us-cert.cisa.gov

bleepingcomputer.com

xataka.com

thehackernews.com

Tags:

Other critical infrastructures

Tool

Vulnerability

Microsoft warns that government-backed cybercriminals gained access to email systems

The Microsoft Threat Intelligence Center (MSTIC) has reported multiple 0-day exploits used by a Chinese state-sponsored threat actor to attack local versions of Microsoft Exchange Server in a...

References:

blogs.microsoft.com

microsoft.com

bleepingcomputer.com

20minutos.es

Tags:

Other critical infrastructures

Vulnerability

Windows

Cyberattacks aimed at a product of Accellion

Accellion, a company dedicated to providing cloud solutions for secure file sharing and business-to-business collaboration, has confirmed a security incident involving its File Transfer Application...

References:

accellion.com

incibe-cert.es

asic.ov.au

sao.wa.gov

unaaldia.hispasec.com

singtel.com

qimrberghofer.edu.au

ir.kroger.com

accellion.com

transport.nsw.gov.au

bombardier.com

accellion.com

blog.qualys.com

flagstar.com

Tags:

Public administration

Tool

Vulnerability

Campaign targeting cybersecurity researchers detected

Google has identified an ongoing campaign targeting cybersecurity researchers working on study of vulnerabilities across multiple companies and organizations, suspected to be perpetrated by an...

References:

blog.google

bleepingcomputer.com

zdnet.com

unaaldia.hispasec.com

microsoft.com

blog.google

Tags:

Mitsubishi Electric has been the victim of a cyberattack

Mitsubishi Electric has been compromised by a data leak, approximately 200MB, due to unauthorized access.The incident was detected on June 28, 2019, and was made public last Monday, January 20. The...

References:

mitsubishielectric.co.jp

japantimes.co.jp

infosecurity-magazine.com

bankinfosecurity.com

Tags:

Google reveals how an iOS malware campaign works

In early 2019, Google’s Threats Analysis Group (TAG) notified Apple about 14 vulnerabilities affecting iPhone devices from versions iOS 10 to iOS 12. This vulnerabilities was patched on out-of-band...

References:

googleprojectzero.blogspot.com

support.apple.com

forbes.com

unaaldia.hispasec.com

Tags:

New vulnerability in Intel processors called SPOILER

Researchers at the Worcester Polytechnic Institute and the University of Lübeck have discovered a new vulnerability called SPOILER in Intel processors.This security flaw affects all Intel...

References:

arxiv.org

theregister.co.uk

forbes.com

vandal.elespanol.com

hardwaresfera.com

Tags:

0day

Tool

Vulnerability

Discovered a bug in macOS High Sierra

Patrick Wardle, a former US NSA employee, discovered an error in macOS High Sierra by which an attacker could access to password protected areas.MacOS has a system to avoid the unwanted loading of...

References:

threatpost.com

genbeta.com

hotforsecurity.bitdefender.com

Tags:

0day

Apple

Vulnerability

Corporate access

Cybersecurity Highlights

0day vulnerability exploited in General Bytes

Twitter confirms a vulnerability that has affected the data of its users

Supply-chain cyberattack against Kaseya VSA software

Microsoft warns that government-backed cybercriminals gained access to email systems

Cyberattacks aimed at a product of Accellion

Campaign targeting cybersecurity researchers detected

Mitsubishi Electric has been the victim of a cyberattack

Google reveals how an iOS malware campaign works

New vulnerability in Intel processors called SPOILER

Discovered a bug in macOS High Sierra

Pages