Pierluigi Paganini
October 12, 2017
The suite of payment infrastructure and management systems SmartVista created by the BPC Group is vulnerable to SQL Injection attacks. Researchers at security firm Rapid7 have publicly disclosed a SQL injection vulnerability affecting the financial platform SmartVista after they couldn’t raise a response from the vendor. SmartVista is a suite of payment infrastructure and management systems […]
Pierluigi Paganini
October 12, 2017
The Australia’s foreign intelligence Agency ASD has revealed military sensitive information has been stolen by hackers who breached a Department of Defence contractor. The Australia’s foreign intelligence agency, the Australian Signals Directorate (ASD), admitted a hacker has stolen over 30 GB of military documents. Stolen data includes details on fighter jets, military aircraft, and naval ships. The […]
Pierluigi Paganini
October 12, 2017
Hi-Tech Crime Trends 2017 – Banks, powerstations and cryptocyrrency exchanges are forecast to be the most likely targets for hacking in the near future Group-IB, one of the global leaders in preventing and investigating high-tech crimes and online fraud, presented its Hi-Tech Crime Trends 2017 report at CyberCrimeCon, In the next year, the main source of losses […]
Pierluigi Paganini
October 11, 2017
Security researchers from Kaspersky Lab have discovered a new strain of ATM malware dubbed ATMii that could be used to empty an ATM. Security researchers from Kaspersky Lab have discovered a new strain of ATM malware dubbed ATMii. The ATMii malware was discovered in April this year, it implements an injector module (exe.exe) and the module to be injected (dll.dll). Crooks can […]
Pierluigi Paganini
October 11, 2017
Israeli hackers compromised the Kaspersky infrastructure and caught Russian spies using AV tool to harvest NSA exploits. Kaspersky was not aware of the hack. There is still a heated discussion about the alleged hack of Kaspersky’s antivirus and its use to steal an NSA exploit from a US subcontractor. Explosive new revelations put at risk […]
Pierluigi Paganini
October 11, 2017
Microsoft October Patch Tuesday addresses the CVE-2017-11826 Office Zero-Day vulnerability that has been exploited in the wild in targeted attacks. Yesterday we discussed Microsoft’s October Patch Tuesday addressed three critical zero-day security vulnerabilities tied to the DNSSEC protocol. Going deep in the analysis of the Patch Tuesday updates for October 2017 we can see that Microsoft addressed […]
Pierluigi Paganini
October 11, 2017
The leading global professional services company Accenture exposed its business data in a public Amazon S3 bucket. Disconcerting! Another Tech giant has fallen victim of an embarrassing data leak, this time the leading global professional services company Accenture exposed its business data in a public Amazon S3 bucket. The incident exposed internal Accenture private keys, secret API data, […]
Pierluigi Paganini
October 10, 2017
Microsoft’s October Patch Tuesday addresses three critical zero-day security vulnerabilities tied to the DNSSEC protocol. Microsoft’s October Patch Tuesday addresses three critical security vulnerabilities in the Windows DNS client in Windows 8, Windows 10, and Windows Server 2012 and 2016. The vulnerabilities affect the Microsoft’s implementation of one of the data record features used in the secure […]
Pierluigi Paganini
October 10, 2017
The Iran-Linked cyberespionage group OilRig has been using a new Trojan in attacks aimed at targets in the Middle East. Experts from Palo Alto Networks spotted a new campaign launched by the notorious APT group OilRig against an organization within the government of the United Arab Emirates (UAE). The OilRig hacker group is an Iran-linked APT that has been around since at least […]
Pierluigi Paganini
October 10, 2017
Crooks are spreading the FormBook malware to target aerospace firms, defense contractors and some manufacturing organizations in the US and South Korea. According to researchers at FireEye, FormBook was spotted in several high-volume distribution campaigns targeting aim at Aerospace, Defense Contractor, and Manufacturing industries. The phishing emails that targeted US entities contain PDF, DOC or […]
Malware / February 11, 2026
