Skip to content
Wednesday, January 27, 2021

TFun dot org

Information Security newsfeed from around the world in English and French. Find it all in one place… here.

  • Home
  • News
  • Vulnerabilities
  • Security
  • Malware
  • Alert
  • Live map
  • Privacy Policy
  • Attack Maps

Category: Vulnerabilities

NAT Slipstreaming 2.0 Exposes Devices on Internal Networks to Remote Attacks

26/01/2021Ionut Arghire

A newly devised variant of the NAT Slipstreaming attack can be leveraged to compromise any device on the local network, according to researchers at enterprise IoT security firm Armis. read more Source: Security Week

Continue Reading

North Korea Targets Security Researchers in Elaborate 0-Day Campaign

26/01/202126/01/2021Elizabeth Montalbano

Hackers masquerade as security researchers to befriend analysts and eventually infect fully patched systems at multiple firms with a malicious backdoor. Source: Threatpost.com

Continue Reading

TikTok Flaw Lay Bare Phone Numbers, User IDs For Phishing Attacks

26/01/2021Lindsey O Donnell

A security flaw in TikTok could have allowed attackers to query query the platform’s database – potentially opening up for privacy violations. Source: Threatpost.com

Continue Reading

Google Warning: North Korean Gov Hackers Targeting Security Researchers

26/01/2021Ryan Naraine

Google late Monday raised the alarm about a “government-backed entity based in North Korea” targeting — and hacking into — computer systems belonging to security researchers. read more Source: Security Week

Continue Reading

Phishers Target C-Suite with Fake Office 365 Password Expiration Reports

25/01/2021Ionut Arghire

An ongoing phishing campaign delivering fake Office 365 password expiration reports has managed to compromise tens of C-Suite email accounts to date, according to a warning from anti-malware vendor Trend Micro. read more Source: Security Week

Continue Reading

Cisco DNA Center Bug Opens Enterprises to Remote Attack

25/01/2021Tara Seals

The high-severity security vulnerability (CVE-2021-1257) allows cross-site request forgery (CSRF) attacks. Source: Threatpost.com

Continue Reading

SonicWall Breach Stems from ‘Probable’ Zero-Days

25/01/2021Lindsey O Donnell

The security vendor is investigating potential zero-day vulnerabilities in its Secure Mobile Access (SMA) 100 series. Source: Threatpost.com

Continue Reading

CrowdStrike Discloses Details of Recently Patched Windows NTLM Vulnerability

25/01/2021Ionut Arghire

One of the vulnerabilities that Microsoft addressed on January 2021 Patch Tuesday could allow an attacker to relay NTLM authentication sessions and then execute code remotely, using a printer spooler MSRPC interface. read more Source: Security Week

Continue Reading

Industrial Firms Informed About Serious Vulnerabilities in Matrikon OPC Product

25/01/2021Eduard Kovacs

Industrial organizations have been informed about the existence of several potentially serious vulnerabilities affecting an OPC UA product made by Honeywell subsidiary Matrikon. read more Source: Security Week

Continue Reading

Amazon Kindle RCE Attack Starts with an Email

22/01/2021Tara Seals

The “KindleDrip” attack would have allowed attackers to siphon money from unsuspecting victims. Source: Threatpost.com

Continue Reading

Posts navigation

Older posts
Tfun News | Theme: news-vibrant by CodeVibrant.