Cisco Fixes Bug Allowing Remote Code Execution With Root Privileges Cisco has released security updates to address a critical pre-authentication remote code execution (RCE) vulnerability affecting SD-WAN vManage Software’s remote management component. The company fixed two other high-severity security vulnerabilities in the user management (CVE-2021-1137) and system file transfer (CVE-2021-1480) functions of the same product
New Cring Ransomware Hits Unpatched Fortinet VPN Devices A vulnerability impacting Fortinet VPNs is being exploited by a new human-operated ransomware strain known as Cring to breach and encrypt industrial sector companies’ networks. Cring ransomware (also known as Crypt3r, Vjiszy1lo, Ghost, Phantom) was discovered by Amigo_A in January and spotted by the CSIRT team of Swiss telecommunications provider Swisscom. The
Google Forms And Telegram Abused To Collect Phished Credentials Security researchers note an increase in alternative methods to steal data from phishing attacks, as scammers obtain the stolen info through Google Forms or private Telegram bots. Email remains the preferred method to exfiltrate stolen info but these channels foreshadow a new trend in the evolution
Gigaset Android Phones Infected By Malware Via Hacked Update Server Owners of Gigaset Android phones have been repeatedly infected with malware since the end of March after threat actors compromised the vendor’s update server in a supply-chain attack. Gigaset is a German manufacturer of telecommunications devices, including a series of smartphones running the Android operating
Established in 2018, Privacy Ninja is a Singapore-based IT security company specialising in data protection and cybersecurity solutions for businesses. We offer services like vulnerability assessments, penetration testing, and outsourced Data Protection Officer support, helping organisations comply with regulations and safeguard their data.
Singapore
7 Temasek Boulevard,
#12-07, Suntec Tower One,
Singapore 038987
