PoC Exploit Targeting Apache Struts Surfaces on GitHub
Researchers have discovered freely available PoC code and exploit that can be used to attack unpatched security holes in Apache Struts 2.
Hacks
NSA, FBI Warn of Linux Malware Used in Espionage Attacks
A never before seen malware has been used for espionage purposes via Linux systems, warn the NSA and FBI in a joint advisory.
ReVoLTE Attack Allows Hackers to Listen in on Mobile Calls
Rare attack on cellular protocol exploits an encryption-implementation flaw at base stations to record voice calls.
Researcher Publishes Bypass for Patch for vBulletin 0-Day Flaw
Three separate proof-of-concepts on Bash, Python and Ruby posted to outsmart fix issued last year to remedy pre-auth RCE bug.
Qualcomm Bugs Open 40 Percent of Android Handsets to Attack
Researchers identified serious flaws in Qualcomm’s Snapdragon SoC and the Hexagon architecture that impacts nearly half of Android handsets.
Attackers Horn in on MFA Bypass Options for Account Takeovers
Legacy applications don’t support modern authentication — and cybercriminals know this.
Black Hat 2020: Influence Campaigns Are a Cybersecurity Problem
An inside look at how nation-states use social media to influence, confuse and divide — and why cybersecurity researchers should be involved.
UPDATE: Canon Ransomware Attack Results in Leaked Data, Report
The consumer-electronics giant had suffered partial outages across its U.S. website and internal systems reportedly, thanks to the Maze gang.
Black Hat 2020: Satellite Comms Globally Open to $300 Eavesdropping Hack
Attackers can listen in on internet traffic for high-value targets a continent away, like shipping fleets and oil installations, using some basic home-television gear.
Twitter Could Face $250M FTC Fine Over Improper Data Use
The potential FTC fine comes after Twitter last year acknowledged that user emails and phone numbers were being used for targeted advertising.