Ελληνικά
Details have emerged about a new cyber espionage campaign directed against the aerospace and telecommunications industries, primarily in the Middle East, with the goal of stealing sensitive information about critical assets, organizations’ infrastructure, and technology while remaining in the dark and successfully evading security solutions. Boston-based cybersecurity company Cybereason dubbed the attacks “Operation Ghostshell,” pointing […]
Author Archives: CSIRT
Apache has issued patches to address two security vulnerabilities, including a path traversal and file disclosure flaw in its HTTP server that it said is being actively exploited in the wild. “A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack […]
By Jonathan Greig A number of websites and services reported issues on Thursday thanks to the expiration of a root certificate provided by Let’s Encrypt, one of the largest providers of HTTPS certificates. At around 10 am ET, IdentTrust DST Root CA X3 expired according to Scott Helme, founder of Security Headers. He has been tracking […]
A campaign is stealing one-time password tokens to gain access to PayPal, Apple Pay and Google Pay, among others. Cybercriminals are using Telegram bots to steal one-time password tokens (OTPs) and defraud people through banks and online payment systems, including PayPal, Apple Pay and Google Pay, new research has found. Researchers from Intel 471 discovered […]
By Tara Seals Unauthenticated cyberattackers can also wreak havoc on networking device configurations. Cisco is warning three critical security vulnerabilities affect its flagship IOS XE software, the operating system for most of its enterprise networking portfolio. The flaws impact Cisco’s wireless controllers, SD-WAN offering and configuration mechanisms in use for scads of products. The networking […]