Top News

• High-severity Windows security flaw enables attackers to hijack any application

"Bug affects all versions of Microsoft Windows, back from Windows XP to Windows 10"

Link

TLP¹ : Green

Top News

• Flaws in 4G Routers of various vendors put millions of users at risk

"Security expert discovered multiple flaws in 4G routers manufactured by several companies, some of them could allow attackers to take over the devices."

Link

TLP¹ : Green

Top News

• HEADS-UP : 140 domains of Deloitte are vulnerable by subdomain takeover attacks

"As I described in the chapter one, we can control the content of a sub-domain d by controlling the content of domain d1 that d point to through its CNAME record."

Link

TLP¹ : Green

Top News

• Samsung Mobile Devices 7.x/8.x/9.0 FotaAgent File privilege escalation

"A vulnerability was found in Samsung Mobile Devices 7.x/8.x/9.0. It has been classified as critical. Affected is some unknown functionality of the component FotaAgent. The manipulation with an unknown input leads to a privilege escalation vulnerability (File). CWE is classifying the issue as CWE-269. This is going to have an impact on confidentiality, integrity, and availability. "

Link

Top News

• Hackers usaram endereço do ISCTE para lançar ataque de phishing contra alunos

"Especialistas da CyberS3c detetaram uma campanha de phishing direcionada a alunos do ISCTE-IUL. O endereço usado na campanha leva a crer que foram usadas técnicas de spoofing. ISCTE nega que os sistemas tenham sido alvo de intrusão."

Link

Top News

• Critical holes plugged in Cisco 220 Series smart switches

"Cisco has fixed three vulnerabilities in its Cisco 220 Series smart switches and is urging owners to upgrade their firmware as soon as possible."

Link

TLP¹ : Green

Top News

• Puzzling Gwmndy Botnet Focuses on Low-Volume Proxy Connections

"An odd botnet has been spotted targeting Fiberhome routers, in a quest to add 200 of them per day to its botnet web. "

Link

TLP¹ : Green

Top News

• 90% of Enterprise iPhone Users Open to iMessage Spy Attack

"Vast majority of Apple iOS users haven’t updated to iOS 12.4, leaving themselves wide open to a public exploit."

Link

TLP¹ : Green

Top News

• Facebook Plans on Backdooring WhatsApp

"These algorithms will be continually updated from a central cloud service, but will run locally on the user's device, scanning each cleartext message before it is sent and each encrypted message after it is decrypted. "

Link

TLP¹ : Green

Top News

• Flaws in SanDisk SSD Dashboard Present Malware & Data Loss Risks

"Organizations using the utility should immediately install the latest version of the software, security vendor Trustwave says."

Link

TLP¹ : Green