Pierluigi Paganini
March 27, 2017
An Internet-Connected Medical Washer-Disinfector, the Miele’s model Professional PG 8528, is affected by a Web Server Directory Traversal. While the number of IoT devices continue to exponentially increase, the level of security of these smart objects is often not adequate end exposes users at risk of cyber attacks. The news of the say is a […]
Pierluigi Paganini
March 27, 2017
British interior minister Amber Rudd believes encryption implemented by messaging services is offering a dangerous opportunity for terrorists to communicate. British interior minister Amber Rudd has a clear opinion on encryption implemented by many messaging services, it is no more acceptable. On Sunday the minister Amber Rudd reaffirmed that technology firms must collaborate with law enforcement agencies […]
Pierluigi Paganini
March 27, 2017
According to a German top official, Germany warded off two cyber attacks launched by the Russian state actor APT28 group in 2016. On Friday, a top German official told Reuters that last year Germany warded off two cyber attacks launched by the Russian APT28 group (aka Fancy Bear, Pawn Storm, Sednit, Sofacy, and Strontium) According to Arne Schoenbohm, president of […]
Pierluigi Paganini
March 26, 2017
How much costs a DDoS attack service? Kaspersky Lab published an analysis on the cost of a DDoS attack and services available in the black markets. The DDoS attacks continue to be a profitable business in the cyber criminal underground. Powering a DDoS attack against an organization is even cheaper, running an attack can cost […]
Pierluigi Paganini
March 26, 2017
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. First of all, let me inform you that at the #infosec16 SecurityAffairs was awarded as The Best European Personal Security Blog http://securityaffairs.co/wordpress/48202/breaking-news/securityaffairs-best-european-personal-security-blog.html · Arbor Networks linked a new Acronym Malware to the Potao Express campaign · Security Affairs newsletter […]
Pierluigi Paganini
March 26, 2017
Trend Micro discovered the Chinese threat actor Winnti has been abusing GitHub service for command and control (C&C) communications. Security experts at Trend Micro continue to monitor the activities of the Chinese Winnti hacker group, this time the hackers have been abusing GitHub for command and control (C&C) communications. “Recently, the Winnti group, a threat actor with […]
Pierluigi Paganini
March 25, 2017
Findings of the MIMICS project conducted by Dragos Threat Operations Center show a malware posing as Siemens PLC application is targeting ICS worldwide. After the disclosure of the Stuxnet case, the security industry started looking at ICS malware with increasing attention. A malware that infects an industrial control system could cause serious damages and put in danger human lives. […]
Pierluigi Paganini
March 25, 2017
The recently patched CVE-2017-0022 Windows Zero-Day vulnerability has been exploited by threat actors behind the AdGholas malvertising campaign and Neutrino EK since July 2016. Microsoft has fixed several security flaws with the March 2017 Patch Tuesday updates. According to security experts at Trend Micro, the list of fixed vulnerabilities includes three flaws that had been exploited […]
Pierluigi Paganini
March 25, 2017
Security researchers at MalwareBytes have uncovered a spearphishing campaign that targeted Saudi Arabia Government organizations. Security experts at MalwareBytes have spotted a new spear phishing campaign that is targeting Saudi Arabia governmental organizations. According to the experts, the campaign already targeted about a dozen Saudi agencies. Attackers used weaponized Word document and tricked victims into opening them […]
Pierluigi Paganini
March 24, 2017
US federal prosecutors speculate the involvement of North Korea in the cyber heist of $81 million from Bangladesh’s account at the New York Federal Reserve Bank. The news was reported by The Wall Street Journal, prosecutors suspect the involvement of Chinese middlemen who helped the Government of Pyongyang to organize the cyber theft. In February 2016, unknown hackers transferred […]
Malware / February 11, 2026
