May 9, 2021

WhatsApp will not deactivate the accounts of users who don’t accept the new privacy policy update that requires sharing data with other companies owned by Facebook. WhatsApp on Friday announced that it will not deactivate accounts of users who don’t accept its new privacy policy that will be rolled out on May 15. The company will only […]

The post WhatsApp will not deactivate accounts for not accepting new privacy terms appeared first on Security Affairs.

Read More WhatsApp will not deactivate accounts for not accepting new privacy terms

U.S. CISA has published an analysis of the FiveHands ransomware, the same malware that was analyzed a few days ago by researchers from FireEye’s Mandiant experts. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published an analysis of the FiveHands ransomware that was recently detailed by FireEye’s Mandiant. At the end of April, researchers […]

The post CISA MAR report provides technical details of FiveHands Ransomware appeared first on Security Affairs.

Read More CISA MAR report provides technical details of FiveHands Ransomware

‘Spam protection, AntiSpam, FireWall by CleanTalk’ anti-spam WordPress plugin could expose user sensitive data to an unauthenticated attacker. A Time-Based Blind SQL Injection in ‘Spam protection, AntiSpam, FireWall by CleanTalk’ WordPress plugin, tracked as CVE-2021-24295, could be exploited by an unauthenticated attacker to access user data. The flaw could be exploited by an attack to […]

The post SQL injection issue in Anti-Spam WordPress Plugin exposes User Data appeared first on Security Affairs.

Read More SQL injection issue in Anti-Spam WordPress Plugin exposes User Data

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Cloud hosting provider Swiss Cloud suffered a ransomware attack Hacking a Tesla Model X with a DJI Mavic 2 drone equipped with a WIFI dongle WeSteal, a shameless commodity cryptocurrency […]

The post Security Affairs newsletter Round 313 appeared first on Security Affairs.

Read More Security Affairs newsletter Round 313

Here’s an overview of some of last week’s most interesting news, articles and interviews: 21 vulnerabilities found in Exim, update your instances ASAP! A code audit of Exim, a widely used mail transfer agent, has revealed 21 previously unknown vulnerab…

Read More Week in review: Patch Tuesday forecast, how to select a DLP solution, is it OK to publish PoC exploits?

A flaw in some DNS resolvers, tracked as TsuNAME, can allow attackers to launch DDoS attacks against authoritative DNS servers. Researchers at SIDN Labs (the R&D team of the registry for .nl domains), InternetNZ (the registry for .nz domains), and the Information Science Institute at the University of Southern California has discovered a vulnerability, named […]

The post TsuNAME flaw exposes DNS servers to DDoS attacks appeared first on Security Affairs.

Read More TsuNAME flaw exposes DNS servers to DDoS attacks