Pierluigi Paganini
June 04, 2019
Gamaredon continues to target Ukraine, Yoroi-Cybaze ZLab spotted a new suspicious activity potentially linked to the popular APT group Introduction The Gamaredon attacks against Ukraine don’t seem to have stopped. After a month since our last report we spotted a new suspicious email potentially linked to the Gamaredon group. The group was first discovered by Symantec and TrendMicro in 2015 but […]
Pierluigi Paganini
June 04, 2019
A security expert found a flaw could be exploited to bypass macOS security and privacy features by using synthetic clicks. The popular white hat hacker Patrick Wardle, co-founder and chief research officer at Digita Security, discovered a vulnerability that could be exploited to bypass security warnings by performing ‘Synthetic Clicks’ on behalf of users without […]
Pierluigi Paganini
June 04, 2019
What can Apple ‘s fan do to work with his favorite company? A teen opted out to hack it twice. A 17-year-old teenager Australian teenager decided to attract the attention of the tech giant by gaining access to its mainframe with false credentials. The teen was dreaming of a job in Apple and was convicted […]
Pierluigi Paganini
June 03, 2019
Unpatched vulnerabilities affect the rkt container runtime that could be exploited by an attacker to escape the container and gain root access to the host. The security researchers Yuval Avrahami discovered some vulnerabilities in the rkt containter that could be exploited by an attacker to compromise the underlying host when a user executes the ‘rkt […]
Pierluigi Paganini
June 03, 2019
Supra Smart Cloud TV allows remote file inclusion in the openLiveURL function, which allows a local attacker to broadcast fake video without any authentication Summary:Supra Smart Cloud TV allows remote file inclusion in the openLiveURL function, which allows a local attacker to broadcast fake video without any authentication via a /remote/media_control?action=setUri&uri=URI Technical Observation: We are abusing […]
Pierluigi Paganini
June 03, 2019
Google aims at eliminating the use of deceptive installation tactics among Chrome browser extensions introducing a new policy. Google announced a new policy for Chrome browser extensions to eliminate the use of deceptive installation tactics. The additional changes are part of the Project Strobe presented by Google in October 2018 in the aftermath of the […]
Pierluigi Paganini
June 03, 2019
Network problems on the East Coast of the US caused massive outages in Google Cloud and the Google Compute Engine, impacting all the services that rely on them. The network issued caused connection problems to several Google services, including G Suite, Gmail, YouTube. Users also experience problems in accessing third-party services such as Snapchat and […]
Pierluigi Paganini
June 03, 2019
Microsoft Azure cloud services are being abused by threat actors to host malware and as command and control (C&C) servers. Threat actors look with great interest at cloud services that could be abused for several malicious purposes, like storing malware or implementing command and control servers. Now it seems to be the Microsoft Azure’s turn, […]
Pierluigi Paganini
June 02, 2019
Leicester City Football Club disclosed a card breach that affected its website, hackers stole payment card data, including card numbers and CVVs. Leicester City Football Club revealed that hackers have breached its website (https://shop.lcfc.com/) and stole credit card data of people that bought products disclosed a card breach that affected its website, hackers stole payment […]
Pierluigi Paganini
June 02, 2019
The popular privacy-focused email service ProtonMail has been accused of offering voluntarily real-time surveillance assistance to law enforcement. The popular privacy-focused email service ProtonMail made the headlines because it has been accused of supporting real-time surveillance carried out by law enforcement. On May 10, while Stephan Walder, a public prosecutor and head of the Cybercrime […]
