Details have emerged about a high severity security vulnerability affecting a software driver used in HP, Xerox, and Samsung printers that has remained undetected since 2005. Tracked as CVE-2021-3438 (CVSS score: 8.8), the issue concerns a buffer overflow in a print driver installer package named “SSPORT.SYS” that can enable remote privilege and arbitrary code execution….
Encryption & Key Management , Governance & Risk Management , Patch Management MTProto Has Since Been Patched Akshaya Asokan (asokan_akshaya) • July 20, 2021 Security researchers identified flaws in messaging app Telegram’s cryptographic protocol, MTProto, that enabled intruders to access encrypted chats and alter the messages. Those flaws have since been patched in…
The people responsible for the riots sparked by the jailing of former South African President Jacob Zuma failed in their insurrection because the ground for them was not fertile, the country’s transport minister has said. While the government’s slow response to what was happening gave them a “field day”, they could not achieve what they…
On Tuesday, Amnesty International stated that French President Emmanual Macron was included on a list of 14 current or former heads of state who were potentially targeted for hacking through a product called Pegasus made by the Israeli spyware firm NSO Group. The organization called the incident an unprecedented revelation that should shock world leaders….
Executive Summary This vulnerability is currently undergoing analysis and not all information is available. Please check back soon to view the completed vulnerability summary Informations Name CVE-2021-2329 First vendor Publication 2021-07-21 Vendor Cve Last vendor Modification 2021-07-21 Security-Database Scoring CVSS v3 Cvss vector : N/A Overall CVSS Score NA Base Score NA Environmental Score NA…
Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime , Governance & Risk Management Security Experts Weigh the Impact of White House’s Latest Cyber Moves Scott Ferguson (Ferguson_Writes) • July 20, 2021 Security experts are debating the impact of the Biden administration’s Monday condemnation of China for waging attacks on vulnerable Windows Exchange…
Pegasus – possibly the most powerful piece of spyware ever developed – has been found on mobile phones around the world. A major investigation is alleging that the malware was used to hack the phones of politicians, activists and prominent news editors worldwide. The hacking software – or spyware – is marketed and licensed to…
Cyberwarfare / Nation-State Attacks , Endpoint Security , Fraud Management & Cybercrime ‘Pegasus Project’ Says List Used to Coordinate Attacks Using NSO Group’s Spyware Mathew J. Schwartz (euroinfosec) • July 19, 2021 Countries where journalists were selected as targets (Source: Forbidden Stories) A leak of 50,000 telephone numbers and email addresses led to…
The United States and its allies accused China of a global cyberespionage campaign, mustering an unusually broad coalition of countries to publicly call out Beijing for hacking. The United States was joined by NATO, the European Union, Britain, Australia, Japan, New Zealand and Canada in condemning the spying, which US Secretary of State Antony Blinken…
Publicly owned rail operator Northern Trains has an excuse somewhat more technical than “leaves on the line” for its latest service disruption: a ransomware attack that has left its self-service ticketing booths out for the count. “Last week we experienced technical difficulties with our self-service ticket machines, which meant all have had to be taken…
