Internet Security

Expert found critical flaws in OpenText Enterprise Content Management System

January 22, 2023 add comment
The OpenText enterprise content management (ECM) system is affected by multiple vulnerabilities, including a critical RCE. Armin Stock (Atos), researcher at cybersecurity firm Sec Consult, discovered multiple vulnerabilities in... Read more »

Roaming Mantis uses new DNS changer in its Wroba mobile malware

January 22, 2023 add comment
Roaming Mantis threat actors were observed using a new variant of their mobile malware Wroba to hijack DNS settings of Wi-Fi routers. Researchers from Kaspersky observed Roaming Mantis threat actors... Read more »

Security Affairs newsletter Round 403 by Pierluigi Paganini

January 22, 2023 add comment
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to... Read more »

The Irish DPC fined WhatsApp €5.5M for violating GDPR

January 21, 2023 add comment
The Irish Data Protection Commission (DPC) fined Meta’s WhatsApp €5.5 million for violating data protection laws. The popular messaging app WhatsApp has been fined €5.5m by the Irish Data... Read more »

Around 19,500 end-of-life Cisco routers are exposed to hack

January 21, 2023 add comment
Researchers warn of about 19,500 end-of-life Cisco VPN routers on the Internet that are exposed to the recently disclosed RCE exploit chain. Cisco recently warned of a critical vulnerability,... Read more »

T-Mobile suffered a new data breach, 37 million accounts have been compromised

January 21, 2023 add comment
Bad news for T-Mobile, the company disclosed a new data breach that resulted in the theft of data belonging to 37 customer accounts. T-Mobile suffered a new data breach,... Read more »

PayPal notifies 34942 users of data breach over credential stuffing attack

January 20, 2023 add comment
PayPal is sending out data breach notifications to thousands of users because their accounts were compromised through credential stuffing attacks. PayPal announced that 34942 customers’ accounts have been compromised... Read more »

Chinese hackers used recently patched FortiOS SSL-VPN flaw as a zero-day in October

January 20, 2023 add comment
An alleged Chinese threat actor was observed exploiting the recently patched CVE-2022-42475 vulnerability in FortiOS SSL-VPN. Researchers from Mandiant reported that suspected Chinese threat actors exploited the recently patched... Read more »

Cisco fixes SQL Injection flaw in Unified CM

January 20, 2023 add comment
A high-severity flaw (CVE-2023-20010) was found in Cisco Unified Communications Manager and Unified Communications Manager Session Management Edition. Cisco fixed a high-severity SQL injection flaw, tracked as CVE-2023-20010 (CVSS... Read more »

Experts released PoC exploit for critical Zoho ManageEngine RCE flaw

January 19, 2023 add comment
Researchers released Proof-of-concept exploit code for remote code execution flaw CVE-2022-47966 impacting multiple Zoho ManageEngine products. The CVE-2022-47966 flaw is an unauthenticated remote code execution vulnerability that impacts multiple... Read more »
Subscribe to our Newsletter