securityXspace: a blog about cyber-philosophy.

At least 3 different groups have been leveraging the NSA EternalBlue exploit weeks before the WannaCry attacks, here’s the evidence. In the last days, security experts discovered numerous attacks that have been leveraging the same EternalBlue exploit used by the notorious WannaCry ransomware . Source: At least 3 different groups have been leveraging the NSA…

GP told of ‘National hack of the computer health care system’ At least one NHS hospital has shut down systems and is telling patients not to come in, due to what is being described as a massive nationwide cyber attack.… Source: NHS hit by ‘cyber attack’, at least one hospital shut down

The malware , called Persirai, has been found infecting Chinese-made wireless cameras since last month, security firm Trend Micro said on Tuesday. The malware does so by exploiting flaws in the cameras that a security researcher reported back in March. Source: New IoT malware targets 100000 IP cameras via known flaw

Ars Technica UK CIA zero – day that hijacked Cisco switches for years is finally dead Ars Technica UK CIA zero – day that hijacked Cisco switches for years is finally dead. Fix neutralises attack code that was put into the wild in early March. Source: CIA zero-day that hijacked Cisco switches for years is…

Attacks using this zero – day were seen sparingly in March, coupled with CVE-2017-0001, an elevation of privilege vulnerability, which allowed attackers to escalate their exploit’s reach. US cyber-security firm FireEye says a cyber-espionage group known … Source: 3 of 4 Zero-Days Microsoft Patched Yesterday Were Used by Russian Cyberspies

Apple has recently patched a Keychain vulnerability that could have been exploited by man-in-the-middle (MitM) attackers to obtain sensitive user information. The details of the flaw were disclosed on Monday by the researcher who reported it to the vendor. read more Source: Vulnerability Allowed Hackers to Steal iCloud Keychain Secrets

If you have recently downloaded the popular open source video transcoder app HandBrake on your Mac, there are chances that your computer is infected with a notorious Remote Access Trojan (RAT). The HandBrake team issued a security alert on Saturday, warning Mac users that one of its mirror servers to download the software has been…

Google Project Zero’s security researchers have discovered another critical remote code execution (RCE) vulnerability in Microsoft’s Windows operating system, claiming that it is something truly bad. Tavis Ormandy announced during the weekend that he and another Project Zero researcher Natalie Silvanovich discovered “the worst Windows remote code [execution vulnerability] in recent memory. Source: Google 0-Day…

ExploitBox.io – A playground & labs For Hackers, 0day Bug Hunters, Pentesters, Security Researchers : https://exploitbox.io/exploit/wordpress-rce-exploit.sh

uk.businessinsider.com – The campaign of Emmanuel Macron, the favourite to win France’s presidential election, has been targeted by a cyber espionage group linked by some experts to the Russian military intelligence agency… Tweeted by @longwallsec https://twitter. Source: Russian hackers are believed to have targeted France’s favorite to win the presidential election