Recently, 360 Security Center detected that the GandCrab ransomware is back to attack Windows-based servers and PCs. We also found that if it detects that the computer system is using the Russian language, it will stop intruding. Not only that, but we also recently discovered that the GrandCrab ransomware will...
Read more
Microsoft has officially confirmed that they are going to be gutting Edge and converting it into a Chromium based browser. While the engine will change, Microsoft has stated that they will continue utilizing the Microsoft Edge name and will now bring the browser to all supported Windows platforms. Microsoft explains...
Read more
Cybersecurity researchers have discovered a new zero-day vulnerability in Adobe Flash Player that hackers are actively exploiting in the wild as part of a targeted campaign appears to be attacking a Russian state health care institution. The vulnerability, tracked as CVE-2018-15982, is a use-after-free flaw resides in Flash Player that, if...
Read more
A low-privileged user account on most Linux operating systems with UID value anything greater than 2147483647 can execute any systemctl command unauthorizedly—thanks to a newly discovered vulnerability. The reported vulnerability actually resides in PolicyKit (also known as polkit)—an application-level toolkit for Unix-like operating systems that defines policies, handles system-wide privileges...
Read more
Description: VMware has released security updates to address a vulnerability in Workstation and Fusion. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.vmware.com/security/advisories/VMSA-2018-0030.html
Description: The Samba Team has released security updates to address several vulnerabilities in Samba. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: CVE-2018-14629 CVE-2018-16841 CVE-2018-16851 CVE-2018-16852 CVE-2018-16853...
Read more
Description: Apple has released security updates to address vulnerabilities in multiple products. iCloud for Windows 7.9 Safari 12.0.2 iTunes 12.9.2 for Windows macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Security Update 2018-006 Sierra tvOS 12.1.1 iOS 12.1.1 Impact: A remote attacker could exploit this vulnerability to take control of...
Read more
OVERVIEW: UPnProxy is alive and well. There are 277,000 devices, out of a pool of 3.5 million, running vulnerable implementations of UPnP. Of those, Akamai can confirm that more than 45,000 have been compromised in a widely distributed UPnP NAT injection campaign. These injections expose machines living behind the router...
Read more
মেরিডিয়ান কমিউনিটি কি? “মেরিডিয়ান প্রসেস কমিউনিটি ” বিশ্বব্যাপী অবস্থিত ক্রিটিক্যাল ইনফরমেশন ইনফ্রাস্ট্রাকচার সমূহের সুরক্ষার (Critical Information Infrastructure Protection, CIIP) লক্ষ্যে সরকারি সংস্থাগুলোর মাঝে অভ্যন্তরীণ যোগাযোগ বৃদ্ধি, তথ্য ও ধারণা বিনিময় এবং সমস্যা নিরুপনের বিভিন্ন উপযোগী পদক্ষেপসমূহ নিয়ে কাজ করে থাকে। এই কমিউনিটি বিশ্বের বিভিন্ন দেশের সরকার ও সরকারি সংস্থাগুলোর মাঝে...
Read more
At Pwn2Own 2018 mobile hacking competition held in Tokyo on November 13-14, white hat hackers once again demonstrated that even the fully patched smartphones running the latest version of software from popular smartphone manufacturers can be hacked. Three major flagship smartphones—iPhone X, Samsung Galaxy S9, and Xiaomi Mi6—were among the...
Read more
