Pierluigi Paganini
January 22, 2019
Expert discovered a remote code execution vulnerability in the APT package manager used by several Linux distributions, including Debian and Ubuntu. The independent security consultant Max Justicz has discovered a remote code execution vulnerability in the APT package manager used by several Linux distributions, including Debian and Ubuntu. The flaw, tracked as CVE-2019-3462, affects package manager version 0.8.15 and later, […]
Pierluigi Paganini
January 22, 2019
Adobe released security updates to address multiple XSS vulnerabilities in the Experience Manager and Experience Manager Forms that can lead to information disclosure. Adobe released security updates for the Experience Manager and Experience Manager Forms to address flaws that can lead to information disclosure. The Experience Manager is affected by a stored cross-site scripting (XSS) issue […]
Pierluigi Paganini
January 22, 2019
Data belonging to online casinos found exposed online on unprotected Elastic search instance, it includes info on 108 million bets and user details Data breaches are an ordinary issue, this time an online casino group leaked information about 108 million bets including user details. Leaked data includes personal information and payment card details, including real […]
Pierluigi Paganini
January 22, 2019
The French data protection watchdog CNIL announced a fine of 50 million euros ($57 million) for US search giant Google under GDPR.The French data protection watchdog CNIL announced a fine of 50 million euros ($57 million) for US search giant Google under GDPR. “On 21 January 2019, the CNIL’s restricted committee imposed a financial penalty […]
Pierluigi Paganini
January 21, 2019
A rogue MySQL server could be used to steal files from clients due to a design flaw in the popular an open source relational database management system (RDBMS). The flaw resides in the file transfer process between a client host and a MySQL server, it could be exploited by an attacker running a rogue MySQL server to access […]
Pierluigi Paganini
January 21, 2019
The electronics firm Omron released a security update to address flaws in its CX-Supervisor product that can be exploited DoS attacks and remote code execution. CX-Supervisor allows to rapidly create human-machine interfaces (HMIs) for supervisory control and data acquisition (SCADA) systems thanks to the availability of a large number of predefined functions and libraries. The software […]
Pierluigi Paganini
January 21, 2019
An Iranian developer is promoting on a Telegram hacking channel the BlackRouter ransomware through a Ransomware-as-a-Service model. An Iranian developer is advertising on Telegram a Ransomware-as-a-Service called BlackRouter. The same expert advertises other malware and is believed to the author of another ransomware called Blackheart. promotes other infections such as a RAT. BlackRouter was first […]
Pierluigi Paganini
January 21, 2019
Unpatched critical flaw CVE-2018-15439 could be exploited by a remote, unauthenticated attacker to gain full control over the device. Cisco Small Business Switch software is affected by a critical and unpatched vulnerability (CVE-2018-15439) that could be exploited by a remote, unauthenticated attacker to gain full control over the device. Cisco Small Business Switch SOHO devices allow […]
Pierluigi Paganini
January 20, 2019
Bulgaria has extradited a Russian hacker that was indicted by a US court for mounting a sophisticated hacking scheme to the United States. According to the Russian embassy in Washington, the Russian hacker Alexander Zhukov was extradited on January 18. The Russian embassy has chosen to disclose the news on the VK social network, the […]
Pierluigi Paganini
January 20, 2019
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! TA505 Group adds new ServHelper Backdoor and FlawedGrace […]
