Cybersecurity Specialists Advise Players Not to Enter Grand Theft Auto (GTA) Online due to a Dangerous Bug

Players of the PC version of Grand Theft Auto (GTA) Online are alarming as a vulnerability has been discovered in the game that can lead to the loss of game progress, theft of game money, a ban and other unpleasant consequences. Modders warn that an exploit for this problem will allow remote code execution through… Continue reading Cybersecurity Specialists Advise Players Not to Enter Grand Theft Auto (GTA) Online due to a Dangerous Bug

Exploits for Vulnerabilities in Three Popular WordPress Plugins Appeared on the Network

Three popular WordPress plugins, with tens of thousands of active installations, at once turned out to have critical SQL injection vulnerabilities. In addition, PoC exploits for these bugs are now publicly available. The vulnerabilities were discovered by Tenable, who notified WordPress developers about them back in mid-December 2022, providing them with proof-of-concept exploits. Currently, plugin… Continue reading Exploits for Vulnerabilities in Three Popular WordPress Plugins Appeared on the Network

Android Devices Can Be Monitored Using Motion Sensors

A group of scientists from five American universities has developed a side-channel EarSpy attack that can be used to eavesdrop on Android devices: recognize the gender and identity of the caller, and also partially parse the contents of the conversation. Eavesdrop can be carried out using motion sensors that are able to capture the reverberation… Continue reading Android Devices Can Be Monitored Using Motion Sensors

Hackers Stole over $2.5 million from Hackers

In the past 12 months hackers have scammed more than $2.5 million from other cybercriminals on three separate hack forums alone (Exploit, XSS and BreachForums), according to Sophos researchers. You might also be interested in reading All About Hacker Motivation: Why Do Hackers Hack? Experts spoke about the results of studying darknet forums during a… Continue reading Hackers Stole over $2.5 million from Hackers

Exploit for Vulnerabilities ProxyNotShell Appeared on the Network

Experts warned that an exploit for two high-profile vulnerabilities in Microsoft Exchange, which are collectively called ProxyNotShell, has appeared in the public domain. Vulnerabilities have been used by hackers before, but now there may be more attacks. Initially, ProxyNotShell problems (CVE-2022-41040 and CVE-2022-41082) were discovered in September by analysts from the Vietnamese company GTSC. Let… Continue reading Exploit for Vulnerabilities ProxyNotShell Appeared on the Network

OpenSSL Patches Released and Critical Vulnerability Turns Out to be Not So Critical

At the end of October, OpenSSL developers warned that the upcoming update to version 3.0.7 would close a critical vulnerability. Notably, this would only be the second critical bug in OpenSSL since 2016. Now that OpenSSL 3.0.7 has been officially released, it turned out that fixes were released for two serious vulnerabilities at once, and… Continue reading OpenSSL Patches Released and Critical Vulnerability Turns Out to be Not So Critical

OpenSSL Fixes First Critical Vulnerability Since 2016

The developers of the OpenSSL project have informed users that the upcoming version 3.0.7 will close a recently discovered critical vulnerability. This is only the second critical bug in OpenSSL in recent years. The release of OpenSSL version 3.0.7 is scheduled for Tuesday, November 1, 2022. No details about this release have been published yet:… Continue reading OpenSSL Fixes First Critical Vulnerability Since 2016

Thousands of GitHub Repositories Spread Malware That Is Disguised as Exploits

Experts from the Leiden Institute for Advanced Computer Science have discovered thousands of GitHub repositories with fake PoC exploits for various vulnerabilities that spread malware. It turned out that the probability of infection with malware when downloading PoC can reach 10.3%, even if outright fakes are excluded. Let me remind you that we also reported… Continue reading Thousands of GitHub Repositories Spread Malware That Is Disguised as Exploits

New Vulnerability in Apache Commons Text Is Already Being Attacked by Hackers

According to WordPress security firm Defiant, attempts have already been made to exploit a new vulnerability in Apache Commons Text (CVE-2022-42889). Called Text4Shell and affects versions 1.5 to 1.9 of the library. Some believe that this issue could become the new Log4Shell. The issue scored 9.8 out of 10 on the CVSS vulnerability rating scale.… Continue reading New Vulnerability in Apache Commons Text Is Already Being Attacked by Hackers

CloudMensis Malware Attacks MacOS Users

ESET experts have discovered the CloudMensis malware, which is used to create backdoors on devices running macOS and subsequently steal information. The malware received its name due to the fact that it uses pCloud, Dropbox and Yandex.Disk cloud storages as control servers. Let me remind you that we also wrote that Vulnerability in macOS Leads… Continue reading CloudMensis Malware Attacks MacOS Users