Posts

Showing posts from December 5, 2019

Weaponized via Word Documents to Steal Users' Credit Card Data, A New Malware Attack Dubbed - RevengeHotels

A new malware campaign dubbed “RevengeHotels” targets hotels, hostels, hospitality, and tourism companies worldwide, aiming to steal the credit card data of users and travelers from hotel management systems. The campaign uses email as its main attack vector, delivering malware via weaponized Word, Excel or PDF documents. In some cases, it exploits CVE-2017-0199, a patched remote code execution vulnerability in Microsoft Office or WordPad. Researchers from Kaspersky observed two hacking groups, ProCC and RevengeHotels, targeting the hospitality sector and found them to have been active since at least 2015.

Tactics Used – RevengeHotels

The threat actors register typo-squatting domains impersonating legitimate company names to trick the user into believing the email is from a legitimate source. They send emails with details for booking hotels; the spear-phishing email is written in Portuguese and carries a malicious file named Reserva Advogados Associados(.)Docx (Attorn

Wide Range of IoT Devices could get Affected due to a super Critical Flaw in GoAhead Web Server

Cybersecurity researchers today uncovered details of two new vulnerabilities in the GoAhead web server software, a tiny application widely embedded in hundreds of millions of Internet-connected smart devices. One of the two vulnerabilities, tracked as CVE-2019-5096, is a critical code execution flaw that attackers can exploit to execute malicious code on vulnerable devices and take control of them. This first vulnerability resides in the way multipart/form-data requests are processed within the base GoAhead web server application, and affects GoAhead Web Server versions v5.0.1, v4.1.1, and v3.6.5. According to the researchers at Cisco Talos, an attacker can send a specially crafted HTTP request that, while being processed, causes a use-after-free condition on the server and corrupts heap structures, leading to code execution. The second vulnerability, tracked as CVE-2019-5097, also resides in the same component of the GoAhead Web Server and can be exp