Category: Vulnerability

  • Mimic ransomware: what you need to know

    Mimic ransomware: what you need to know What makes Mimic particularly unusual is that it exploits the API of a legitimate Windows file search tool (“Everything” by Voidtools) to quickly locate files for encryption. Find out more about the threat in my article on the Tripwire State of Security blog. Graham Cluley Go to grahamcluley

  • Smashing Security podcast #395: Gym hacking, disappearing DNA, and a social lockout

    Smashing Security podcast #395: Gym hacking, disappearing DNA, and a social lockout A Kansas City man is accused of hacking into local businesses, not to steal money, but to… get a cheaper gym membership? A DNA-testing firm has vanished, leaving customers in the dark about what’s happened to their sensitive genetic data. And Australia mulls…

  • Zimbra Remote Command Execution Vulnerability (CVE-2024-45519) – Exploit POC Released

    Zimbra Remote Command Execution Vulnerability (CVE-2024-45519) – Exploit POC Released Zimbra, a popular email and collaboration platform, has issued a crucial security update to patch a severe vulnerability in its postjournal service. Identified as CVE-2024-45519, this flaw allows unauthenticated attackers to execute arbitrary commands on affected Zimbra installations. The vulnerability was discovered in Zimbra’s post-journal…

  • New Bluetooth Vulnerability Leak Your Passcode to Hackers While Pairing

    New Bluetooth Vulnerability Leak Your Passcode to Hackers While Pairing A recently identified vulnerability in Bluetooth technology, identified as CVE-2020-26558, poses a significant security risk to devices supporting various Bluetooth Core Specifications. This vulnerability, known as “Impersonation in the Passkey Entry Protocol,” affects devices using the Passkey Entry association model in BR/EDR Secure Simple Pairing,…