Pierluigi Paganini
December 08, 2017
The OpenSSL Project released the OpenSSL 1.0.2n version that addresses two vulnerabilities discovered by the Google researcher David Benjamin. Benjamin discovered the vulnerabilities using the OSS-Fuzz fuzzing service. The first “moderate severity” issue, tracked as CVE-2017-3737, is related to an “error state” mechanism implemented since OpenSSL 1.0.2b. “OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an “error state” […]
Pierluigi Paganini
December 07, 2017
Security experts discovered a critical vulnerability in major mobile banking applications that left banking credentials vulnerable to hackers. A group of security researchers has discovered a critical vulnerability in major mobile banking applications that left banking credentials vulnerable to hackers. The vulnerability was discovered by researchers of the Security and Privacy Group at the University […]
Pierluigi Paganini
December 07, 2017
NiceHash has been hacked, roughly to 60$ million (4,736.42 BTC) have been stolen while the bitcoin is crossing the 14k$ mark for the first time. A dark day for cryptocurrency miners, NiceHash has been hacked. Closely to 60$ millions (4,736.42 BTC) have been stolen while the bitcoin is crossing the 14k$ mark for the first […]
Pierluigi Paganini
December 07, 2017
Experts devised a new attack technique dubbed Process Doppelgänging, that could be implemented by vxers to bypass most antivirus solutions. A group of security researchers from Ensilo discovered a new malware evasion technique, dubbed Process Doppelgänging, that could be implemented by vxers to bypass most antivirus solutions and security software. The technique is a fileless code […]
Pierluigi Paganini
December 07, 2017
Nearly 5,500 WordPress websites are infected with a malicious script that logs keystrokes and in some loads a cryptocurrency miner in the visitors’ browsers. The experts from security firm Sucuri observed that that malicious script is being loaded from the “cloudflare.solutions” domain, that anyway is not linked with Cloudflare. According to PublicWWW, this malicious script […]
Pierluigi Paganini
December 07, 2017
ProtonMail is officially launching ProtonMail Bridge, which brings easy-to-use email encryption to desktop email clients. Ever since the day that we first got the idea to create ProtonMail, one of the most enduring challenges has been how to do email security right while simultaneously making encrypted email easy enough to use for normal people. Since […]
Pierluigi Paganini
December 07, 2017
The cryptocurrency mining market NiceHash confirmed it has fallen victim to a hacking attack that may have resulted in the loss of $60m worth of Bitcoin Cryptocurrency companies continue to be a privileged target of hackers, the last victim in order of time is the cryptocurrency mining market NiceHash. The NiceHash marketplace allows users to buy […]
Pierluigi Paganini
December 06, 2017
StorageCrypt Ransomware is the last malware in order of time exploiting the SambaCry vulnerability, it was developed to target NAS Devices. Experts discovered a new strain of malware exploiting the SambaCry vulnerability (CVE-2017-7494), it has been called StorageCrypt Ransomware because it targets NAS Devices via SambaCry Exploit. The StorageCrypt ransomware demands between 0.4 and 2 Bitcoins ($5,000 […]
Pierluigi Paganini
December 06, 2017
A security researcher discovered a collection of vulnerabilities dubbed MailSploit affecting more than 30 popular email client software. Email spoofing is quite simple and it is an important activity in any phishing/spear phishing attack. Attackers modify email headers and send an email with the forged sender address to trick recipients into opening the message believing they […]
Pierluigi Paganini
December 06, 2017
Another day, another clamorous data breach, this time let’s discuss a data breach that exposes personal data collected by the Keyboard App AI.type. This story reminds us that every time we download an app we are enlarging our surface of attack, in the majority of cases we are not aware of exact amount of data they […]
