Zend Framework Remote Code Execution Vulnerability Revealed An untrusted deserialization vulnerability disclosed this week in Zend Framework can be exploited by attackers to achieve remote code execution on PHP sites. This vulnerability tracked as CVE-2021-3007 may also impact some instances of Laminas Project, Zend’s successor. Zend Framework consists of PHP packages installed over 570 million times. The framework is used
China’s APT Hackers Move To Ransomware Attacks Security researchers investigating a set of ransomware incidents at multiple companies discovered malware indicating that the attacks may be the work of a hacker group believed to operate on behalf of China. Although the attacks lack the sophistication normally seen with advanced threat actors, there is strong evidence
Beware: PayPal Phishing Texts State Your Account Is ‘Limited’ A PayPal text message phishing campaign is underway that attempts to steal your account credentials and other sensitive information that can be used for identity theft. When PayPal detects suspicious or fraudulent activity on an account, the account will have its status set to “limited,” which
Secret Backdoor Discovered In Zyxel Firewall And AP Controllers Over 100,000 Zyxel devices are potentially vulnerable to a secret backdoor caused by hardcoded credentials used to update firewall and AP controllers’ firmware. Niels Teusink of Dutch cybersecurity firm EYE discovered a secret hardcoded administrative account in the latest 4.60 patch 0 firmware for some Zyxel
Established in 2018, Privacy Ninja is a Singapore-based IT security company specialising in data protection and cybersecurity solutions for businesses. We offer services like vulnerability assessments, penetration testing, and outsourced Data Protection Officer support, helping organisations comply with regulations and safeguard their data.
Singapore
7 Temasek Boulevard,
#12-07, Suntec Tower One,
Singapore 038987
