Hexway blog - Page 14
Cybersecurity News V. 3.26 – ransomware activity, “re”Mirai, passwords in danger
Sodinokibi ransomware operators start selling data Data previously stolen from Brooks International is available for purchase on hacking forums. Brooks International had refused to pay the ransom for unlocking the…
read more
Cybersecurity News V. 3.23 – COVID-19 drives cybercrimes, Firefox and Microsoft patch vulnerabilities
Mozilla Firefox security updates Twelve vulnerabilities were patched by Mozilla in Firefox products. The most critical of them are CVE-2020-6814 and CVE-2020-6815. These are memory and script safety bugs showing…
read more
r00kie-kr00kie. Exploring the kr00k attack
TL;DR We created and published a PoC exploit of the kr00k attack (CVE-2019-15126): https://github.com/hexway/r00kie-kr00kie All technical details can be found in the Process section. INTRODUCTION AND MOTIVATION In February 2020,…
read more
Cybersecurity News V. 3.13 – data leaks in Asian banks, vulnerability in Linux & nothing about COVID-19
Ransomware attacks news Ransomware attacks are getting more sophisticated and rapid. For instance, Evraz North America, a steel producer, fell victim to a recent nation-wide cyberattack, which lead to malfunctioning…
read more
Cybersecurity News V. 3.04 – New Wi-Fi vulnerability, Google upd, Cerberus Android banking Trojan
Kr00k vulnerability found in Wi-Fi chips by Cypress and Broadcom ESET published a white paper about a vulnerability in Wi-Fi chips that was assigned CVE-2019-15126. It causes vulnerable devices to…
read more
Cybersecurity News V. 2.27 – data leaks, stalkerware app, hack them all: satellites, hotels, DISA
Pipeline operations could be at risk The Cybersecurity and Infrastructure Security Agency (CISA) issued a warning to prevent further attacks on critical infrastructure. It came as a response to a…
read more
Cybersecurity News V. 2.19 – New malware: made in North Korea, app for US election, Huawei espionage
Voatz app not ready for 2020 election Voatz voting app, which was supposed to be used in the 2020 Presidential elections, turned out to be vulnerable to numerous security flaws.…
read more
Cybersecurity News V. 2.11 – What’s up WhatsApp? DDoS for FBI & attack on Malaysian gov
Severe WhatsApp vulnerability patched Facebook has released a patch for WhatsApp vulnerability (CVE-2019-18426). WhatsApp Desktop prior to version 0.3.9309 allowed cross-site scripting and local files reading when paired with WhatsApp…
read more
Cybersecurity News V. 2.06 – SpiceJet data breach, Huge leak of payment cards, Avast failure
The new ransomware threat which is called Snake (EKANS) A new ransomware dubbed Snake was recently discovered. It not only encrypts data on infected machines but also removes all file…
read more
Cybersecurity News V. 1.30 – Trojan attacks, Internet Explorer 0-day
Recent news about Citrix CVE-2019-19781 vulnerability Citrix has finally released patches for CVE-2019-19781. The vulnerability affects Citrix Application Delivery Controller (ADS) and Gateway products. There was some evidence of in-the-wild…
read more