Zyxel has moved to address a critical security vulnerability affecting Zyxel firewall devices that enables unauthenticated and remote attackers to gain arbitrary code execution. “A command injection vulnerability in the CGI program of some firewall versions could allow an attacker to modify specific files and then execute some OS commands on a vulnerable device,” the company said in an advisory published Thursday. Cybersecurity firm Rapid7, which discovered and reported the flaw on April 13, 2022, said that the weakness could permit a remote unauthenticated adversary to execute code as the “nobody” user on...
The UK’s National Cyber Security Centre (NCSC) urges organizations to improve cybersecurity due to the risk of imminent destructive cyberattacks from Russia-linked APT groups. The NCSC is investigating recent cyber attacks against entities in Ukraine making parallelism with other attacks preciously attributed to Moscow, such as NotPetya (2017) and cyber attacks against Georgia. “UK organisations are being urged to bolster their cyber security resilience in response to the malicious cyber incidents in and around Ukraine. ” reads the alert published by the NCSC. While the tension between Ukraine and Russia is rising, the risks of...
Hackers have breached the Segway website and placed malicious code on its online store to collect payment card details from online shoppers. “The website was compromised at least since January 6th,” antivirus maker Malwarebytes said on Monday. The security firm said the attack was still ongoing at the time it published its blog post and security alert. A spokesperson from Segway did not return a request for comment, but an inspection of the store’s source code suggests the company has removed the malicious code. Segway website hacked and malicous...
Dangerous vulnerability was discovered in Dark Souls III videogame that can be used to gain control of a gamer’s computer. The gaming community is discussing a recent vulnerability in the Dark Souls III videogame. This RCE vulnerability allows attackers to remotely execute arbitrary code on a victim’s computer. Apparently, the vulnerability also affects earlier games in the Dark Soul series: because of this, the developers have taken the unusual step of temporarily deactivating PvP servers across Dark Souls Remastered, Dark Souls II, and Dark Souls III. According to the developers, they also plan...
Fines issued for GDPR non-compliance increased sevenfold from 2020 to 2021, analysis shows In its latest annual GDPR summary, international law firm DLA Piper focuses attention in two areas: fines imposed and the evolving effect of the Schrems II ruling of 2020. Fines are increasing and Schrems II issues are becoming more complex. GDPR fines Fines issued for GDPR non-compliance increased significantly (sevenfold) in 2021, from €158.5 million (approximately $180 million) in 2020 to just under €1.1 billion (approximately $1.25 billion) in 2021. The largest fines came from Luxembourg against...
Russian news agency Tass reported over the weekend that the “purported founder” of a notorious cybercrime group known as Infraud Organisation has been arrested In February 2018, when the US Department of Justice (DOJ) unleashed indictments against 36 defendants alleged to be part of what the DOJ described at the time as: [A] cybercriminal enterprise engaged in the large-scale acquisition, sale, and dissemination of stolen identities, compromised debit and credit cards, personally identifiable information, financial and banking information, computer malware, and other contraband. As a side-effect of the American indictment, 13 people were...
The U.S. government agency overseeing cybersecurity is urging the country’s businesses and other organizations to take the necessary steps to protect their networks from any spillover that might occur from the ongoing cyberattacks aimed at Ukraine government agencies and private companies. In an alert issued this week, the Cybersecurity and Infrastructure Security Agency (CISA) cited a series of cyberattacks perpetrated against public and private Ukrainian organizations as tensions between Ukraine and Russia grow despite talks between U.S. and Russian government leaders. Government and private entities in Ukraine have been targeted...
McAfee has patched a security vulnerability discovered in the company’s McAfee Agent software for Windows enabling attackers to escalate privileges and execute arbitrary code with SYSTEM privileges. McAfee Agent is a client-side component of McAfee ePolicy Orchestrator (McAfee ePO) that downloads and enforces endpoint policies and deploys antivirus signatures, upgrades, patches, and new products on enterprise endpoints. The company has patched the high severity local privilege escalation (LPE) flaw tracked as CVE-2022-0166 and discovered by CERT/CC vulnerability analyst Will Dormann issued security updates with the release of McAfee Agent 5.7.5 on January 18. All...
An exploration of zero-click attack surface for the popular video conferencing solution Zoom has yielded two previously undisclosed security vulnerabilities that could be exploited to crash the service, execute malicious code, and even leak arbitrary areas of its memory. Natalie Silvanovich of Google Project Zero, who discovered and reported the two flaws last year, said the issues impact both Zoom clients and Multimedia Router (MMR) servers, which transmit audio and video content between clients in on-premise deployments. The weaknesses have since been addressed by Zoom as part of updates shipped on November 24, 2021. The goal of...
Researchers have spotted an IRC bot written in GoLang that is being used to carry out DDoS attacks targeting users in Korea. Researchers from AhnLab’s Security Emergency-response Center (ASEC) spotted an IRC bot written in GoLang that is being used to carry out DDoS attacks targeting users in Korea. Vxers use GoLang because it is easy and allows the development of cross-platform malicious codes. The DDoS IRC Bot strains are disguised as adult games and are being installed via platforms commonly used for the distribution of malware in Korea, so-called webhards. Webhards were...
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of the cookies. Cookie & Privacy Policy
This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
English
Afrikaans
Albanian
Amharic
Arabic
Armenian
Azerbaijani
Basque
Belarusian
Bengali
Bosnian
Bulgarian
Catalan
Cebuano
Chichewa
Chinese (Simplified)
Chinese (Traditional)
Corsican
Croatian
Czech
Danish
Dutch
Esperanto
Estonian
Filipino
Finnish
French
Frisian
Galician
Georgian
German
Greek
Gujarati
Haitian Creole
Hausa
Hawaiian
Hebrew
Hindi
Hmong
Hungarian
Icelandic
Igbo
Indonesian
Irish
Italian
Japanese
Javanese
Kannada
Kazakh
Khmer
Korean
Kurdish (Kurmanji)
Kyrgyz
Lao
Latin
Latvian
Lithuanian
Luxembourgish
Macedonian
Malagasy
Malay
Malayalam
Maltese
Maori
Marathi
Mongolian
Myanmar (Burmese)
Nepali
Norwegian
Pashto
Persian
Polish
Portuguese
Punjabi
Romanian
Russian
Samoan
Scottish Gaelic
Serbian
Sesotho
Shona
Sindhi
Sinhala
Slovak
Slovenian
Somali
Spanish
Sudanese
Swahili
Swedish
Tajik
Tamil
Telugu
Thai
Turkish
Ukrainian
Urdu
Uzbek
Vietnamese
Welsh
Xhosa
Yiddish
Yoruba
Zulu