Cybersecurity Highlights

This section registers the most relevant incidents or public events related to the cybersecurity and information and communication technologies (ICT), in a way that a chronological history of them is available, together with their main links, references and information sources.

Post related to: Vulnerability

The DarkIRC botnet aims to exploit vulnerable Oracle WebLogic servers

Researchers from Juniper Threat Labs have reported up to 5 types of cyberattacks against more than 3000 exposed Oracle WebLogic servers, including a botnet called DarkIRC.The goal of the...

References: 

blogs.juniper.net

incibe-cert.es

bleepingcomputer.com

noticiasseguridad.com

bankinfosecurity.com

Tags: 

Botnet

Cryptocurrency

Cybercrime

Cyberespionage

Incident

Industrial Control System

Information leakage

Internet

Malware

Vulnerability

Vulnerabilities in the EMV protocol allow payments without PIN

The contactless payment protocol for EMV bank cards, named after its founders Europay, Mastercard and Visa, contains several security flaws that allow criminals to make payments without using the...

References: 

emvrace.github.io

hackread.com

welivesecurity.com

europapress.es

xataka.com

Tags: 

Banking sector

e-commerce

Tool

Vulnerability

FCM keys expose millions of users to spam and phishing

Security researcher Abhishek Dharani, known as Abss, has blogged an investigation related to a vulnerability in Firebase Cloud Messaging (FCM), a cloud solution for messages and notifications on...

References: 

abss.me

portswigger.net

cybernews.com

nakedsecurity.sophos.com

Tags: 

Android

Apple

Application

Google

Internet

Tool

Vulnerability

DigiLocker fixes a vulnerability in its registry system

DigiLocker, the official platform of the Government of India for the issuance and verification of documents and certificates, has fixed a critical vulnerability that would have allowed a remote...

References: 

twitter.com

medium.com

yetanothersec.com

thehackernews.com

Tags: 

Encryption

Incident

Public administration

Tool

Vulnerability

Million Webkinz by Gankin credentials leaked

An anonymous cybercriminal has leaked the usernames and passwords of nearly 23 million players to Webkinz World, an online children's game owned by the Canadian company Ganz.A vulnerability in one...

References: 

twitter.com

zdnet.com

scmagazine.com

tn.com.ar

Tags: 

Cybercrime

Cyberespionage

Information leakage

Internet

Vulnerability

Security flaw in TikTok solved

Check Point cybersecurity researchers detected and reported a security flaw in the application of the popular social network TikTok.This flaw could have allowed cybercriminals to take control of...

References: 

checkpoint.com

theverge.com

threatpost.com

globbsecurity.com

Tags: 

Application

Social networks

Vulnerability

NordVPN suffers from unauthorised access to a data centre

NordVPN, a VPN provider, has confirmed that it suffered a cyber attack in March 2018 that gained unauthorized access to one of the data centers of a provider in Finland where its service was...

References: 

nordvpn.com

torguard.net

techcrunch.com

genbeta.com

unaaldia.hispasec.com

Tags: 

Cybercrime

Incident

Tool

Vulnerability

Google reveals how an iOS malware campaign works

In early 2019, Google’s Threats Analysis Group (TAG) notified Apple about 14 vulnerabilities affecting iPhone devices from versions iOS 10 to iOS 12. This vulnerabilities was patched on out-of-band...

References: 

googleprojectzero.blogspot.com

support.apple.com

forbes.com

unaaldia.hispasec.com

Tags: 

0day

Apple

Google

Malware

Vulnerability

Google improves Google Play Security Reward Program

In 2017, Google launched the Google Play Security Rewards Program (GPSRP) and three years after its creation, they have just announced an improvement in the program.With the aim of improving...

References: 

android-developers.googleblog.com

zdnet.com

xatakandroid.com

andro4all.com

Tags: 

Android

Application

Google

Malware

Vulnerability

Filtered information from millions of Bulgarian citizens

Christian Boykov, who was working as a researcher to prevent cyber attacks, has been arrested as allegedly responsible for leaking sensitive information from millions of Bulgarian citizens. He...

References: 

nap.bg

novinite.com

zdnet.com

infobae.com

unaaldia.hispasec.com

Tags: 

Cyberespionage

Incident

Information leakage

Public administration

Vulnerability

Pages

• First
• «
• 1 actual
• 2
• 3
• 4
• 5
• …
• »
• Last