Cybersecurity News
Magniber ransomware gang now exploits Internet Explorer flaws in attacks
The Magniber ransomware gang is now using two Internet Explorer vulnerabilities and malicious advertisements to infect users and encrypt their devices. The two Internet Explorer vulnerabilities are tracked as CVE-2021-26411 and CVE-2021-40444, with both having a CVSS v3 severity score of 8.8. The first one, CVE-2021-26411, was fixed in March 2021
Hackers undetected on Queensland water supplier server for 9 months
Hackers stayed hidden for nine months on a server holding customer information for a Queensland water supplier, illustrating the need of better cyberdefenses for critical infrastructure. SunWater is Australian government-owned water supplier responsible for operating 19 major dams, 80 pumping stations, and 1,600 miles long pipelines. According to the annual financial
AMD fixes dozens of Windows 10 graphics driver security bugs
AMD has fixed a long list of security vulnerabilities found in its graphics driver for Windows 10 devices, allowing attackers to execute arbitrary code and elevate privileges on vulnerable systems. The potential impact and the flaws’ severity vary, with AMD tagging more than a dozen bugs as high severity. “In
Electronics retail giant MediaMarkt hit by ransomware attack
Electronics retail giant MediaMarkt has suffered a Hive ransomware with an initial ransom demand of $240 million, causing IT systems to shut down and store operations to be disrupted in Netherlands and Germany. MediaMarkt is Europe’s largest consumer electronics retailer, with over 1,000 stores in 13 countries. MediaMarkt employs approximately 53,000
Google Warns of New Android 0-Day Vulnerability Under Active Targeted Attacks
Google has rolled out its monthly security patches for Android with fixes for 39 flaws, including a zero-day vulnerability that it said is being actively exploited in the wild in limited, targeted attacks. Tracked as CVE-2021-1048, the zero-day bug is described as a use-after-free vulnerability in the kernel that can
Critical RCE Vulnerability Reported in Linux Kernel’s TIPC Module
Cybersecurity researchers have disclosed a security flaw in the Linux Kernel’s Transparent Inter Process Communication (TIPC) module that could potentially be leveraged both locally as well as remotely to execute arbitrary code within the kernel and take control of vulnerable machines. Tracked as CVE-2021-43267 (CVSS score: 9.8), the heap overflow