Computers hacked at Italian defense group Leonardo between 2015 and 2017 belonged to a unit that makes components for both commercial and military aircraft, including C27J and ATR turboprop, a police officer working on the case told Reuters.
Samsung has started rolling out Android’s December security updates to mobile devices to patch critical security vulnerabilities in the operating system and related components.
Microsoft Office, this month the company released 23 security updates and 5 cumulative updates for 7 different products, fixing 9 vulnerabilities that could allow attackers to execute arbitrary code remotely on vulnerable systems.
In mid-October, a new post, written in Russian, appeared on a cybercriminal forum. It advertised network access to a large electronics manufacturer, including backups of corporate email and gigabytes of data.
Cybercriminals are resetting passwords for admin accounts on WordPress sites using a zero-day vulnerability in a popular WordPress plugin installed on more than 500,000 sites.
A relatively new ransomware strain behind a series of breaches on corporate networks has developed new capabilities that allow it to broaden the scope of its targeting and evade security software.
Security vulnerabilities found in Point-of-sale (PoS) terminals produced by two of the biggest manufacturers of these devices in the world could have allowed cybercriminals to do a lot of damage.
Two new backdoors have been attributed to the Molerats advanced persistent threat (APT) group, which is believed to be associated with the Palestinian terrorist organization Hamas.
Microsoft has not said when or if it will patch the vulnerability, but the tech giant pointed out that “this technique requires an attacker to have already compromised the target machine to run malicious code.”
Bug bounty researcher “Tabahi” (ta8ahi) found the issue, described as a site-wide cross-site request forgery (CSRF) bug deserving of a 9 – 10 severity score. The vulnerability impacts the Glassdoor web domain.