Ελληνικά
Today is Microsoft’s October 2021 Patch Tuesday, and with it comes fixes for four zero-day vulnerabilities and a total of 74 flaws. Microsoft has fixed 74 vulnerabilities (81 including Microsoft Edge) with today’s update, with three classified as Critical, and 70 as Important, and one as Low. These 81 vulnerabilities (including Microsoft Edge) are classified as: 21 […]
Author Archives: CSIRT
Details have emerged about a new cyber espionage campaign directed against the aerospace and telecommunications industries, primarily in the Middle East, with the goal of stealing sensitive information about critical assets, organizations’ infrastructure, and technology while remaining in the dark and successfully evading security solutions. Boston-based cybersecurity company Cybereason dubbed the attacks “Operation Ghostshell,” pointing […]
Apache has issued patches to address two security vulnerabilities, including a path traversal and file disclosure flaw in its HTTP server that it said is being actively exploited in the wild. “A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack […]
By Jonathan Greig A number of websites and services reported issues on Thursday thanks to the expiration of a root certificate provided by Let’s Encrypt, one of the largest providers of HTTPS certificates. At around 10 am ET, IdentTrust DST Root CA X3 expired according to Scott Helme, founder of Security Headers. He has been tracking […]
A campaign is stealing one-time password tokens to gain access to PayPal, Apple Pay and Google Pay, among others. Cybercriminals are using Telegram bots to steal one-time password tokens (OTPs) and defraud people through banks and online payment systems, including PayPal, Apple Pay and Google Pay, new research has found. Researchers from Intel 471 discovered […]