Severe Bugs Reported in EtherNet/IP Stack for Industrial Systems – Tempemail

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) Thursday issued an advisory warning of multiple vulnerabilities in the OpENer EtherNet/IP stack that could expose industrial systems to denial-of-service (DoS) attacks, data leaks, and remote code execution. All OpENer commits and versions prior to February 10, 2021, are affected, although there Continue Reading

US Sanctions Russia and Expels 10 Diplomats Over SolarWinds Cyberattack – Tempemail

The U.S. and U.K. on Thursday formally attributed the supply chain attack of IT infrastructure management company SolarWinds with “high confidence” to government operatives working for Russia’s Foreign Intelligence Service (SVR). “Russia’s pattern of malign behaviour around the world – whether in cyberspace, in election interference or in the aggressive Continue Reading

1-Click Hack Found in Popular Desktop Apps — Check If You’re Using Them – Tempemail

Multiple one-click vulnerabilities have been discovered across a variety of popular software applications, allowing an attacker to potentially execute arbitrary code on target systems. The issues were discovered by Positive Security researchers Fabian Bräunlein and Lukas Euler and affect apps like Telegram, Nextcloud, VLC, LibreOffice, OpenOffice, Bitcoin/Dogecoin Wallets, Wireshark, and Continue Reading

More Sophisticated, Prevalent and Evolving in 2021 – Tempemail

A malicious program intended to cause havoc with IT systems—malware—is becoming more and more sophisticated every year. The year 2021 is no exception, as recent trends indicate that several new variants of malware are making their way into the world of cybersecurity. While smarter security solutions are popping up, modern Continue Reading

YIKES! Cybercriminals flood the Internet with 100,00 malicious PDF documents – Tempemail

Cybercriminals are resorting to search engine poisoning techniques to lure business professionals into seemingly legitimate Google sites that install a Remote Access Trojan (RAT) capable of carrying out a wide range of attacks. The attack works by leveraging searches for business forms such as invoices, templates, questionnaires, and receipts as Continue Reading

New WhatsApp Bugs Could’ve Let Attackers Hack Your Phone Remotely – Tempemail

Facebook-owned WhatsApp recently addressed two security vulnerabilities in its messaging app for Android that could have been exploited to execute malicious code remotely on the device and even compromise encrypted communications. The flaws take aim at devices running Android versions up to and including Android 9 by carrying out what’s Continue Reading

New JavaScript Exploit Can Now Carry Out DDR4 Rowhammer Attacks – Tempemail

Academics from Vrije University in Amsterdam and ETH Zurich have published a new research paper describing yet another variation of the Rowhammer attack. Dubbed SMASH (Synchronized MAny-Sided Hammering), the technique can be used to successfully trigger the attack from JavaScript on modern DDR4 RAM cards, notwithstanding extensive mitigations that have Continue Reading

Simplify, then Add Lightness – Consolidating the Technology to Better Defend Ourselves – Tempemail

One of the biggest consequences of the rapidly evolving cybersecurity threat landscape is that defenses must constantly build bigger systems to defend themselves. This leads to both more complex systems and often less communication between them. More importantly, it can lead companies to invest in disparate “best in class” components Continue Reading

2 New Chrome 0-Days Under Attack — Update Your Browser ASAP! – Tempemail

Google on Tuesday released a new version of Chrome web-browsing software for Windows, Mac, and Linux with fixes for two security vulnerabilities, both of which it says are under active exploitation. One of the two flaws concerns an insufficient validation of untrusted input in its V8 JavaScript rendering engine (CVE-2021-21220), Continue Reading

NSA Discovers New Vulnerabilities Affecting Microsoft Exchange Servers – Tempemail

In its April slate of patches, Microsoft rolled out fixes for a total of 114 security flaws, including an actively exploited zero-day and four remote code execution bugs in Exchange Server. Of the 114 flaws, 19 are rated as Critical, 88 are rated Important, and one is rated Moderate in Continue Reading