Breaking News Archives - Page 1203 of 1506

Pierluigi Paganini April 07, 2017

Philadelphia Ransomware, a new threat targets the Healthcare Industry

“Philadelphia” Ransomware Targets Healthcare Industry Security experts from Forcepoint have discovered a new strain of ransomware dubbed Philadelphia that is targeting organizations in the healthcare industry. The Philadelphia ransomware is a variant of the Stampado ransomware, a very cheap malware offered for sale on the Dark Web since June 2016 at just 39 USD for a lifetime license. Last month the popular expert Brian […]

Pierluigi Paganini April 07, 2017

Apache Struts 2 vulnerability exploited to deliver the Cerber ransomware

Cyber criminals exploited the recently patched Apache Struts 2 vulnerability CVE-2017-5638 in the wild to deliver the Cerber ransomware. A recently patched Apache Struts 2 vulnerability, tracked as CVE-2017-5638, has been exploited by crooks in the wild to deliver the Cerber ransomware. The remote code execution vulnerability affected the Jakarta-based file upload Multipart parser under Apache […]

Pierluigi Paganini April 06, 2017

Operation Cloud Hopper – APT10 goes after Managed Service Providers

Security experts uncovered a widespread campaign tracked as Operation Cloud Hopper known to be targeting managed service providers (MSPs) worldwide. Chinese APT10 group is the main suspect. Security experts from PwC UK and BAE Systems have uncovered a widespread hacking campaign, tracked as Operation Cloud Hopper, targeting managed service providers (MSPs) in multiple countries worldwide. The experts […]

Pierluigi Paganini April 06, 2017

Scottrade Bank admits a data breach that potentially exposed 20,000 customers’ records

Scottrade Bank confirmed that a technical incident has exposed 20,000 customer records. a 60GB MSSQL database was accidentally left open online. It is official, the Scottrade Bank suffered a data breach that affected thousands of its customers. Online brokerage Scottrade has admitted the data breach for sensitive loan applications from roughly 20,000 customers. The incident […]

Pierluigi Paganini April 06, 2017

Be careful, Cisco Mobility Express is shipped with some Cisco Aironet devices has a hard-coded password. Fix it!

The Mobility Express Software shipped with Cisco Aironet 1830 Series and 1850 Series access points has a hard-coded admin-level SSH password. Yesterday I wrote about SCADA systems that are currently shipped with an unchangeable hard-coded password, and today I’m here to discuss you a similar problem. The Mobility Express Software developed by the IT giant […]

Pierluigi Paganini April 06, 2017

United Cyber Caliphate published a kill list of 8,786 individuals in US, UK

Members of the United Cyber Caliphate (UCC) pro-ISIS hacker group has released a new kill list with 8,786 targets in US, UK The pro-ISIS hacking group United Cyber Caliphate (UCC) has released a “kill list” containing the names and addresses of 8,786 individuals in the U.S. and UK. The group published a shocking video online […]

Pierluigi Paganini April 05, 2017

Crooks took control over operations of a Brazilian bank for 5 hours

Cyber criminals launched a sophisticated cyber heist that compromised the entire DNS infrastructure of a major Brazilian Bank. A cyber criminal organization took over online service of a major Brazilian bank for five hours. The hackers compromised the bank DNS system and intercepted all the connections to the financial institution. According to Kaspersky Lab who […]

Pierluigi Paganini April 05, 2017

ClearEnergy ransomware aim to destroy process automation logics in critical infrastructure, SCADA and industrial control systems.

Schneider Electric, Allen-Bradley, General Electric (GE) and more vendors are vulnerable to ClearEnergy ransomware. Researchers at CRITIFENCE® Critical Infrastructure and SCADA/ICS Cyber Threats Research Group have demonstrated this week a new proof of concept ransomware attack aiming to erase (clear) the ladder logic diagram in Programmable Logic Controllers (PLCs). The ransomware a.k.a ClearEnergy affects a massive […]

Pierluigi Paganini April 05, 2017

Still problems for Schneider Electric, Schneider Modicon TM221CE16R has a hardcoded password

The firmware running on the Schneider Modicon TM221CE16R (Firmware 1.3.3.3) has a hardcoded password, and there is no way to change it. I believe it is very disconcerting to find systems inside critical infrastructure affected by easy-to-exploit vulnerabilities while we are discussing the EU NIS directive. What about hard-coded passwords inside critical systems? Unfortunately, it’s happened […]

Pierluigi Paganini April 05, 2017

Download and install the last iOS 10.3.1, attackers can hack you over Wi-Fi

A critical flaw could be exploited by attackers within range to “execute arbitrary code on the Wi-Fi chip,” download and install last iOS 10.3.1 version. Last week, Apple released iOS 10.3, an important release of the popular operating system the fixed more than 100 bugs and implements security improvements. Apple opted to push an emergency patch update […]

Breaking News

Philadelphia Ransomware, a new threat targets the Healthcare Industry

Apache Struts 2 vulnerability exploited to deliver the Cerber ransomware

Operation Cloud Hopper – APT10 goes after Managed Service Providers

Scottrade Bank admits a data breach that potentially exposed 20,000 customers’ records

Be careful, Cisco Mobility Express is shipped with some Cisco Aironet devices has a hard-coded password. Fix it!

United Cyber Caliphate published a kill list of 8,786 individuals in US, UK

Crooks took control over operations of a Brazilian bank for 5 hours

ClearEnergy ransomware aim to destroy process automation logics in critical infrastructure, SCADA and industrial control systems.

Still problems for Schneider Electric, Schneider Modicon TM221CE16R has a hardcoded password

Download and install the last iOS 10.3.1, attackers can hack you over Wi-Fi

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Patch immediately: CVE-2025-25257 PoC enables remote code execution on Fortinet FortiWeb

Wing FTP Server flaw actively exploited shortly after technical details were made public

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 53

Security Affairs newsletter Round 532 by Pierluigi Paganini – INTERNATIONAL EDITION

McDonald’s job app exposes data of 64 Million applicants

QUICK LINKS

Breaking News

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!