Did you ever stop to think that the office smart TV used for company presentations, Zoom meetings, and other work-related activities may not be so trustworthy? In our latest video, we demonstrate an attack scenario that can occur within any organization – hacking a smart TV. The video shows an insider plugging a USB Rubber […]
Cybersecurity researchers disclosed multiple flaws, dubbed PwnedPiper, that left a widely-used pneumatic tube system (PTS) vulnerable to attacks. Researchers from cybersecurity Armis disclosed a set of nine vulnerabilities collectively tracked as PwnedPiper that could be exploited to carry out multiple attacks against a widely-used pneumatic tube system (PTS). The Swisslog PTS system are used in […]
The post PwnedPiper flaws in PTS systems affect 80% of major US hospitals appeared first on Security Affairs.
A vulnerability in the GitHub Actions workflow for PyPI’s source repository could be exploited to perform a malicious pull request and eventually execute arbitrary code on pypi.org, according to a warning from a Japanese security researcher.
Researchers found evidence that the DarkSide ransomware gang has rebranded as a new BlackMatter ransomware operation. BleepingComputer found evidence that after the clamorous Colonia Pipeline attack, the DarkSide ransomware gang has rebranded as a new BlackMatter ransomware operation. The experts analyzed encryption algorithms in a decryptor used by BlackMatter, which is actively attacking corporate entities. […]
The post More evidence suggests that DarkSide and BlackMatter are the same group appeared first on Security Affairs.
Earlier this month, Iranian Railways suffered a serious cyberattack. It now turns out that the…
New File Wiping Malware Meteor Found Involved In Iranian Railway Cyberattack on Latest Hacking News.
An attacker could exploit a vulnerability in the WordPress Download Manager plugin, tracked as CVE-2021-34639, to execute arbitrary code under specific configurations. Researchers from Wordfence team discovered a vulnerability, tracked as CVE-2021-34639, affecting the WordPress Download Manager plugin that could allow attackers to execute arbitrary code under specific configurations. The flaw could allow authors and […]
The post WordPress Download Manager Plugin was affected by two flaws appeared first on Security Affairs.
Researchers have warned users to be wary of the Solarmarker malware which currently has active…
Solarmarker Malware Emerges As A Potent InfoStealer And Keylogger on Latest Hacking News.
Kaspersky experts spotted a previously undocumented Chinese-speaking threat actor, tracked as GhostEmperor, that is targeting Microsoft Exchange flaws in attacks on high-profile victims. Kaspersky spotted a new Chinese-speaking threat actor, tracked as GhostEmperor, that is targeting Microsoft Exchange vulnerabilities in attacks aimed at high-profile victims. The long-running operation carried out by the group mostly targeted […]
The post GhostEmperor, a new Chinese-speaking threat actor targets Southeast Asia appeared first on Security Affairs.
A year ago, the United Kingdom, the USA, and Canada released a coordinated advisory, during the global pandemic, revealing a Russian espionage campaign targeting the vaccination research efforts of COVID-19 in their respective country. They …
President Joe Biden’s appeal for Vladimir Putin to crack down on cyberattacks emanating from within Russia appears to have failed to persuade the Kremlin to give it up. In a report published Friday, RiskIQ stated it discovered ongoing hackin…