Latest News

2019/11/13

Magento Warns E-Commerce Sites to Upgrade ASAP to Prevent Attacks

The popular e-commerce platform Magento is urging web administrators to install its latest security update in order to defend against malicious attacks in the wild that could exploit a critical remote code-execution vulnerability.

While the company didn’t specify what kinds of potential attacks that websites should be concerned about (Threatpost reached out for comment on this), Magento is a common target for the Magecart association of threat groups, which compromise websites built on unpatched e-commerce platforms in order to inject card-skimming scripts on checkout pages. The scripts steal unsuspecting customers’ payment card details and other information entered into the fields on the page.
2019/11/13

Adobe Patches Critical Bugs in Illustrator, Media Encoder

Adobe Systems is warning Illustrator 2019 users that two critical memory-corruption vulnerabilities could allow for an attacker to remotely connect to a Windows machine, execute code and gain control of the targeted system.

The create-suite behemoth also warned Tuesday, as part of its regular monthly patch advisories, that its Windows and macOS versions of its Adobe Media Encoder also have a critical vulnerability tied to an out-of-bounds write flaw.
2019/11/04

Exclusive: Government officials around the globe targeted for hacking through WhatsApp - sources

WASHINGTON (Reuters) - Senior government officials in multiple U.S.-allied countries were targeted earlier this year with hacking software that used Facebook Inc’s (FB.O) WhatsApp to take over users’ phones, according to people familiar with the messaging company’s investigation.
2019/11/04

Google Discloses Chrome Flaw Exploited in the Wild

Google is warning users of a high-severity vulnerability in its Chrome browser that is currently being exploited by attackers to hijack computers.

The flaw (CVE-2019-13720), discovered by security researchers Anton Ivanov and Alexey Kulaev at Kaspersky, exists in Google Chrome’s audio component. Google is urging users to update to the latest version of Chrome, 78.0.3904.87 (for Windows, Mac, and Linux) as it rolls out over the coming days.

“This [updated] version addresses vulnerabilities that an attacker could exploit to take control of an affected system,” according to a Thursday Cybersecurity and Infrastructure Security Agency (CISA) alert. “One of these vulnerabilities (CVE-2019-13720) was detected in exploits in the wild.”
2019/10/29

Georgia hit by massive cyber-attack

A huge cyber-attack has knocked out more than 2,000 websites - as well as the national TV station - in the country of Georgia.
Court websites containing case materials and personal data have also been attacked.
In many cases, website home pages were replaced with an image of former President Mikheil Saakashvili, and the caption "I'll be back".
Source: www.bbc.com