Black Hat USA 2020 Preview: Election Security, COVID Disinformation and More
Threatpost editors break down the top themes, speakers and sessions to look out for this year at Black Hat 2020 – from election security to remote work and the pandemic.
WastedLocker: technical analysis
The use of crypto-ransomware in targeted attacks has become an ordinary occurrence lately: new incidents are being reported every month, sometimes even more often. On July 23, Garmin, a major manufacturer of navigation equipment and smart devices, including smart watches and bracelets, experienced a massive service outage. As confirmed by an official statement later, the…
Zoom Flaw Could Have Allowed Hackers To Crack Meeting Passcodes
Zoom has fixed the issue, which stemmed from a lack of checks against incorrect passcode attempts.
Doki Backdoor Infiltrates Docker Servers in the Cloud
The malware is a new payload that uses Dogecoin wallets for its C2, and spreads via the Ngrok botnet.
Critical, High-Severity Cisco Flaws Fixed in Data Center Network Manager
The flaw could allow a remote, unauthenticated attacker to bypass authentication on vulnerable devices.
Vermont Taxpayers Warned of Data Leak Over the Past Three Years
A vulnerability in the state’s system may have exposed personal data that can be used for credential theft for those who filed Property Transfer Tax returns online.
More Robust Network Partition Handling in Group Replication
As Group Replication (GR) matures and it is deployed in a myriad of different systems, we begin to witness specific network conditions that we must be able to cope with in order to make Group Replication more tolerant and robust to those failures.…
Critical Magento Flaws Allow Code Execution
Adobe has released patches for critical and important-severity flaws in its popular Magento e-commerce platform.
Billions of Devices Impacted by Secure Boot Bypass
The “BootHole” bug could allow cyberattackers to load malware, steal information and move laterally into corporate, OT ,IoT and home networks.
Critical Bugs in Utilities VPNs Could Cause Physical Damage
Gear from Secomea, Moxa and HMS Networks are affected by remote code-execution flaws, researchers warn.