Pierluigi Paganini
December 04, 2018
Russia-linked cyber-espionage group Sofacy, (aka APT28, Pawn Storm, Fancy Bear, Sednit, Tsar Team, and Strontium) use BREXIT lures in recent attacks. The APT group used Brexit-themed bait documents on the same day the UK Prime Minister Theresa May announced the initial BREXIT draft agreement with the European Union (EU). “As the United Kingdom (UK) Prime Minister Theresa May announced the initial BREXIT draft agreement […]
Pierluigi Paganini
December 03, 2018
Security experts at HackenProof are warning Open Elasticsearch instances expose over 82 million users in the United States. Experts from HackenProof discovered Open Elasticsearch instances that expose over 82 million users in the United States. Elasticsearch is a Java-based search engine based on the free and open-source information retrieval software library Lucene. It is developed in Java […]
Pierluigi Paganini
December 03, 2018
New Zealand intelligence agency asked mobile company Spark to avoid using Huawei equipment for 5G infrastructure. According to New Zealand’s Government Communications Security Bureau, Huawei equipment for 5G infrastructure poses a “significant network security risk,” for this reason, it asked mobile company Spark to avoid using the equipment of the Chinese company. The announcement follows the decision of […]
Pierluigi Paganini
December 03, 2018
The TheHackerGiraffe used the Printer Exploitation Toolkit (PRET) to hijack +50k vulnerable printers to Promote PewDiePie YouTube Channel. An anonymous hacker hijacked over 50,000 internet-connected printers worldwide to print out messages promoting the subscription to the PewDiePie YouTube channel. Felix Arvid Ulf Kjellberg, aka PewDiePie, is a popular Swedish Youtuber, comedian, and video game commentator, formerly best known for his Let’s Play commentaries […]
Pierluigi Paganini
December 02, 2018
Two days after Moscow opened a new cable car system hackers infected its computer systems with ransomware. The cable car system is long over 700 meters and spans across the Moscow river linking the Luzhniki Olympic Complex to the observation platform on Sparrow Hills. Two days after Moscow cable car was opened, the servers of the Moscow […]
Pierluigi Paganini
December 02, 2018
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! · Very trivial Spotify phishing campaign uncovered by […]
Pierluigi Paganini
December 02, 2018
Cisco has released security updates to address a vulnerability in the web framework code of Cisco Prime License Manager that could be exploited by an attacker to execute arbitrary SQL queries. Cisco has fixed a vulnerability in Cisco Prime License Manager that could be exploited by a remote unauthenticated attacker to execute arbitrary SQL queries. The flaw is caused by the […]
Pierluigi Paganini
December 01, 2018
Over 270,000 connected devices run vulnerable implementations of UPnP, threat actors are attempting to recruit them in a multi-purpose botnet. In April, Akamai reported that threat actors compromised 65,000 home routers by exploiting vulnerabilities in Universal Plug’N’Play (UPnP), experts tracked the botnet as UPnProxy. Now the company provided an update to its initial analysis revealing […]
Pierluigi Paganini
December 01, 2018
The MITRE Corporation’s ATT&CK framework has been used to evaluate the efficiency of several enterprise security products designed by several vendors. In April, MITRE announced a new service based on its ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) framework to evaluate products based on their ability in detecting advanced persistent threats. The MITRE ATT&CK evaluation service evaluates endpoint detection and response […]
Pierluigi Paganini
November 30, 2018
Security researchers at Trend Micro recently discovered PowerShell-based backdoor that resembles a malware used by MuddyWater threat actor. Malware researchers at Trend Micro have discovered a Powershell-based backdoor that is very similar to a malware used by MuddyWater APT group. The first MuddyWater campaign was observed in late 2017, then researchers from Palo Alto Networks were investigating a mysterious wave […]
Cyber Crime / December 09, 2025
Cyber Crime / December 09, 2025
Cyber Crime / December 08, 2025
