Breaking News

Pierluigi Paganini September 17, 2017
US Treasury announced sanctions against seven Iranian nationals and other entities

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned 11 entities and Iranian nationals for malicious cyber-enabled activity. The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned 11 entities and individuals for malicious cyber-enabled activity. US Dept. of Treasury announced sanctions against 7 Iranian nationals and security firms […]

Pierluigi Paganini September 17, 2017
Chrome will label Resources delivered via FTP as “Not Secure”

Google continues the ongoing effort to communicate the transport security status of a given page labeling resources delivered via FTP as “Not secure” in Chrome, Last week, Google announced that future versions of Chrome will label resources delivered via the File Transfer Protocol (FTP) as “Not secure.” The security improvement will be implemented starting with […]

Pierluigi Paganini September 17, 2017
Security Affairs newsletter Round 128 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. ·      Crooks leverage Facebook CDN servers to bypass security solutions ·      Mexican tax refund MoneyBack site exposed 400GB of sensitive customer data ·      Security Affairs newsletter Round 127 – News of the week ·      Apache Foundation rejects […]

Pierluigi Paganini September 17, 2017
400,000 UK consumers at risk after the Equifax data breach

About 400,000 Britons may have had their information stolen following the Equifax data breach, the news was reported by the UK division of the company. More details are emerging from the recent Equifax data breach that impacted approximately 143 million U.S. consumers. The attackers exploited the CVE-2017-5638 Apache Struts vulnerability that was fixed back in March, but the company […]

Pierluigi Paganini September 17, 2017
MAGENTO 2.0.16 and 2.1.9 security update fixes critical flaw in the platform

Magento released updates for Magento Commerce and Open Source 2.1.9 and 2.0.16 that fixed also a critical remote code execution vulnerability. Magento released updates for Magento Commerce and Open Source 2.1.9 and 2.0.16 that fixed numerous flaws, including a critical remote code execution vulnerability. The remote code execution flaw impacts content management system (CMS) and layouts, it could be […]

Pierluigi Paganini September 16, 2017
OurMine hacked Vevo and leaked 3.12 TB internal files, then delete them

The notorious OurMine hacker crew has claimed responsibility for the breach of the popular video streaming service Vevo. Another clamorous data breach made the headlines again, this time the victim is the popular video streaming service Vevo that was hacked by the popular hacking group OurMine. Vevo is an American multinational video hosting service founded on December 8, 2009, as a joint […]

Pierluigi Paganini September 16, 2017
Equifax- or the new gold standard for “how not to do Incident Response”!

The cybersecurity expert Stuart Peck, Director of Cyber Security Strategy, ZeroDayLab, shared its view on the Equifax data breach. For those of you living under a rock this week, Equifax suffered a major breach in their security, which led to over 143 million records being stolen by attackers. The information held by Equifax is highly […]

Pierluigi Paganini September 16, 2017
Hackers are offering Equifax data for sale, but they are scammers

It has happened, the information stolen in the recent Equifax data breach is offered for sale on the dark web by crooks, but watch out, they are scammers. Equifax discovered the intrusion on July 29, but only 3 months the agency notified customers the incident (on September 7) that occurred between mid-May and late July. The breach affects […]

Pierluigi Paganini September 15, 2017
CVE-2017-5638 Apache Struts vulnerability is the root cause behind Equifax data breach

It’s official, the Equifax data breach case was caused by the exploitation of the CVE-2017-5638 Apache Struts vulnerability. The Equifax data breach case was solved, that incident was caused by the exploitation of the CVE-2017-5638 Apache Struts vulnerability. The vulnerability affects the Jakarta Multipart parser upload function in Apache and could be exploited by an […]

Pierluigi Paganini September 15, 2017
Premium SMS malware EXPENSIVEWALL infected millions of Android handsets

Google removed 50 malicious apps from the official Play Store after experts discovered a new malware, dubbed ExpensiveWall, eluded Google Bouncer checks. Google has removed 50 malicious apps from the official Play Store after experts with security firm Check Point discovered a new malware, dubbed ExpensiveWall,  eluded the checks of the Google’s Bouncer. The ExpensiveWall malware was […]