Each week Zacco tracks the latest cyber security threats, current industry news or trends and insights into the latest protection best practice. The Cyber Security Digest is a weekly compilation of the most significant developments within both cybersecurity and digital protection space, with links to further information on how it might affect you, your company or your clients.
Essential reading for cyber security professionals, as well as the general public, to keep you informed of current events and emerging threats.
The flaw in the Cloudflare’s Web Application Firewall SQL injection protection mechanism was found by security researcher George Skouroupathis. In the experiment 3 different injection where made in which the last one allowed him to execute a SQL injection attack.
Cybersecurity and Infrastructure Security Agency reported that attackers relied on compromised credentials of Microsoft Office 365 accounts for initial access and installed malware.
New Phishing campaign lures victims into giving out email login credentials by saying that their email is not GDPR compliant.
CVE-2020-1472 Netlogon vulnerability could let attackers gain administrative access to the windows domain controller and can run an application of their choice.
This malware can affect Windows, Android, iOS and Linux devise. This could let attackers spy on targets, secretly turning on their webcams, microphones, record everything that is typed on the keyboard, intercepting calls, and exfiltrating data.
A Russian speaking Threat actor group named as “OldGremlin” is targeting Russian companies, which has been linked to several campaigns since march. They use custom backdoors to deliver payloads and encrypts files.
A British hacker who is a member of the international hacking group ‘The Dark Overlord,’ which threatened Companies to leak stolen data has been sentenced for five years in prison and ordered to pay $1,467,048 in restitution to his victims.
Apple has released a patch for 4 vulnerabilities affecting macOS. Successful exploitation of this flaw could lead to arbitrary code execution using a malicious image or trigger a DoS condition, accessing restricted files, altering the application state.
The source code was published on 4Chan as a torrent file. The torrent file which comes around 43GB also has several Microsoft older Operating systems source code as well.
The German shopping giant Windeln.de whose database was not secured even after alerted by researchers.
IBM reported this week that a new botnet Mozi has a huge hand in the increase of botnet activities of IoT devises.
The decade-long hacking spree which targeted more than 100 high-tech and online gaming companies. Was done by seven Chinese nationals says U.S. Justice Department
Researchers from IBM’s X force has discovered one of the significant bugs that allow attackers to escalate privileges impacting Apple iOS and iPad-OS.
Originally by Australian security researcher Chris Moberly. the vulnerability resides in the SSDP engine of the browser
Apple’s new iOS 14 and iPadOS will come with new privacy features and fixes dozens of vulnerabilities.
Popular messenger leaks data of uses by discovery services that allow users to find contacts based on phone numbers from their address book.
