Unrestricted File Upload Vulnerability Found On Contact Form 7
The Astra Security Research team discovered a high-severity Unrestricted File Upload vulnerability in the WordPress plugin Contact Form 7 5.3.1 and older versions. The vulnerable plugin, Contact Form 7, has over 5 million active installs, making this urgent upgrade a necessity for WordPress site owners. By exploiting this…
SolarWinds Hackers Breach US Nuclear Weapons Agency
The Energy Department and National Nuclear Security Administration have evidence that hackers accessed their networks as part of an extensive espionage operation that has affected at least half a dozen federal agencies…
3 Million Users Installed 28 Malicious Chrome Or Edge Extensions
Over 3 million internet users have reportedly installed about 15 Chrome and 13 Edge extensions that all supposedly include malicious code, according to the security firm Avast.
Pay2Key Hackers Stole Data From Intel’s Habana Labs
The hackers are suspected of breaking into the company’s network and gaining access to plans and information regarding its new artificial intelligence chip Gaudi
Suspected Russian Hackers Reportedly Breached US Government Agencies
Russian government hackers breached the Treasury and Commerce departments, along with other U.S. government agencies, as part of a global espionage campaign that stretches back months, according to people familiar with the matter.
Critical Vulnerability Found In ‘Easy WP SMTP’ Plugin
The WordPress Easy WP SMTP plugin, which has 500,000+ active installations, fixed a zero-day vulnerability affecting version 1.4.2 and below that could allow an unauthenticated user to reset the admin password among other issues.
Former Cisco Engineer Sentenced To Prison For Deleting 16k Webex Accounts
Investigators said Ramesh then proceeded to run a script that deleted 456 virtual machines that were supporting Cisco’s video conferencing software WebEx Teams, actions that resulted in the temporary deletion of more than 16,000 Webex accounts.
EU Drugs Regulator Confirms Data Breach In Cyber Attack
The European Medicines Agency (EMA) had not provided any details on Wednesday, when it disclosed the cyber attack, but Pfizer Inc and BioNTech SE had said documents related to the development of their COVID-19 vaccine had been “unlawfully accessed”.
Cybercriminals Are Selling More Than 85,000 SQL Databases On Dark Web
Hackers have been breaking into SQL databases, downloading tables, deleting the originals, and leaving ransom notes behind, telling server owners to contact the attackers to get their data back.
4 Sentenced To Prison For Planting Malware On 20 Million Gionee Smartphones
The scheme involved Xu Li, the legal representative of Shenzhen Zhipu Technology, a Gionee subsidiary tasked with selling the company’s phones, and the trio of Zhu Ying, Jia Zhengqiang, and Pan Qi, the deputy general manager and software engineers for software firm Beijing Baice Technology.
Here’s Everything You Need To Know About ENCRYPTION!
Encryption is the method by which information is converted into secret code that hides the information’s true meaning. The science of encrypting and decrypting information is called cryptography. It is a way of scrambling data so that only authorized parties can understand the information. In technical…
Helicopter Manufacturer Kopter Hit By Ransomware
Information from Kopter’s internal system was published on the LockBit gang’s site, hosted on the darknet. After Kopter denied participation with the hackers, the ransomware gang on Friday published a number of the business’s documents online.
IBM: Cyber-Criminals Are Targeting The COVID-19 Vaccine Cold Chain
IBM Security X-Force uncovered a global phishing campaign targeting organizations associated with a COVID-19 cold chain. The cold chain is a component of the vaccine supply chain that ensures the safe preservation of vaccines in temperature-controlled environments during their storage and transportation.
Suspected North Korean Hackers Targeted COVID Vaccine Maker AstraZeneca: Reuters
Suspected North Korean hackers have tried to break into the systems of British drugmaker AstraZeneca in recent weeks, two people with knowledge of the matter told Reuters, as the company races to deploy its vaccine for the COVID-19 virus. The hackers posed as recruiters on…
Networking Equipment Vendor Belden Discloses Data Breach
American networking equipment vendor Belden announced that it has taken decisive measures to investigate and address a data incident involving unauthorized access and copying of some current and former employee data, as well as limited company information regarding some business partners. Belden IT professionals recently detected…
Canon Publicly Acknowledges August Ransomware Attack
Canon has confirmed that the cyberattack suffered in early August was caused by ransomware and that the hackers stole data from company servers. “We identified a security incident involving ransomware on August 4, 2020. We immediately began to investigate, a cybersecurity firm was engaged, and…
Sophos Warns Affected Customers After Security Breach
UK cyber security and hardware company Sophos has notified customers that data has potentially been leaked online due to a misconfigured database. The exposed customer data was accessible to unauthorized parties due to a misconfigured “tool” used by the company to store information by users who reached out to…
South Korean Watchdog Fines Facebook $6.1 Million For Sharing User Info Without Consent
A South Korean agency for protecting personal information on Wednesday fined Facebook $6.06 million and sought a criminal investigation for providing users’ personal information to other operators without consent, Reuters reports. The country’s Personal Information Protection Commission, launched in August this year, said in a statement it…
2FA Bypass Flaw Could Affect Over 70 Million Sites
Digital Defense, Inc., a leader in vulnerability and threat management solutions, announced that its Vulnerability Research Team (VRT) uncovered a previously undisclosed vulnerability affecting the cPanel & WebHost Manager (WHM) web hosting platform. cPanel & WHM version 188.8.131.52 (90.0 Build 5) exhibits a two-factor authentication bypass flaw, vulnerable…