Silensec Newsletter

Kenya telecoms giant sued over 'data breach'

Kenya telecoms giant sued over 'data breach'

Kenya's biggest mobile service provider Safaricom is being sued for allegedly violating the data privacy of its 11.5 million consumers.

A subscriber has accused the telecom giant of exposing his sports betting history and biodata, according to a legal petition filed at the High Court in the capital, Nairobi.

Read more...

Two Florida cities paid $1.1 Million to ransomware hackers this month

Two Florida cities paid $1.1 Million to ransomware hackers this month

In the last two weeks, Florida has paid more than $1.1 million in bitcoin to cybercriminals to recover encrypted files from two separate ransomware attacks - one against Riviera Beach and the other against Lake City.

Lake City, a city in northern Florida, agreed on Monday to pay hackers 42 Bitcoin (equivalent to $573,300 at the current value) to unlock phone and email systems following a ransomware attack that crippled its computer systems for two weeks.

Read more...

Adobe updates fix code execution issues in Campaign, ColdFusion, and Flash

Adobe updates fix code execution issues in Campaign, ColdFusion, and Flash

Adobe's recent security updates for June 2019 address some critical arbitrary code execution vulnerabilities in Flash Player, Cold Fusion and Campaign products. Adobe fixed critical command injection, file extension blacklist bypass and deserialization vulnerabilities in ColdFusion.

The vulnerabilities could lead to arbitrary code execution on vulnerable systems.

Read more...

Telegram suffers 'powerful DDoS attack' from China during Hong Kong protests

Telegram suffers 'powerful DDoS attack' from China during Hong Kong protests

Telegram, one of the most popular encrypted messaging app, briefly went offline on the 13th of June, 2019 for hundreds of thousands of users worldwide after a powerful distributed denial-of-service (DDoS) attack hit its servers.

Telegram founder Pavel Durov later revealed that the attack was mainly coming from the IP addresses located in China, suggesting the Chinese government could be behind it to sabotage Hong Kong protesters.

Read more...

Several vulnerabilities found in Cisco Industrial Network Director

Several vulnerabilities found in Cisco Industrial Network Director

Cisco on recently informed customers that several vulnerabilities, including a code execution flaw classified as "high severity," have been found in the company's Industrial Network Director product. While conducting internal security testing, Cisco employees identified three types of vulnerabilities in Industrial Network Director. The most serious of them, tracked as CVE-2019-1861 with a CVSS score of 7.2, is a remote code execution flaw.

Read more...

Hackers steal $9.5 million from GateHub cryptocurrency wallets

Hackers steal $9.5 million from GateHub cryptocurrency wallets

Cybercriminals have stolen 23.2 million Ripple coins (XRP), worth nearly $9.5M, from the users of the GateHub cryptocurrency wallet service. The company admitted to the security breach in a preliminary statement posted on its website. While the incident is still under investigation, the company believes the hacker abused its API to carry out the attacks, though it is unsure how.

Read more...