Pierluigi Paganini
January 14, 2017
The hackers that targeted MongoDB installations with ransom attacks now switch on the exposed Elasticsearch clusters with a similar tactic. A few days ago I reported the news of a string of cyber attacks against MongoDB databases. Hackers broke into unprotected MongoDB databases, stealing their content, and asking for a ransom to return the data. […]
Pierluigi Paganini
January 14, 2017
A security issue can be used to intercept and read encrypted messages. Is this a WhatsApp backdoor? Which are potential risks? Is the popular messaging service Whatsapp affected by a backdoor? According to a blog post published by The Guardian, the application was affected by a vulnerability that could be exploited by attackers to intercept and read messages. […]
Pierluigi Paganini
January 14, 2017
The popular hacker Kapustkiy hacked a website belonging to the Government of Venezuela in protest against the dictatorship of Nicolas Maduro. The White hat hacker Kapustkiy has hacked the Government of Venezuela and leaked data on Pastebin http://pastebin.com/ud0pewGL. Kapustkiy hacked the website www.gdc.gob.ve by exploiting a Local File Inclusion (LFI) vulnerability in: http://www.gdc.gob.ve/2.0/gui_resources/css/?f=../../../../../../../../../../etc/passwd “I have found a LFI in the […]
Pierluigi Paganini
January 13, 2017
According to the release notes the latest version of WordPress 4.7.1 addresses eight security vulnerabilities and other 62 bugs. Wednesday the latest version of WordPress 4.7.1 was released by the WordPress Team, it is classified as a security release for all previous versions. According to the release notes, the new version addresses eight security flaws […]
Pierluigi Paganini
January 13, 2017
The ShadowBrokers hacking group that broke into the NSA arsenal and stole its hacking tools is signing off, leaving a gift to the security community. The mysterious hacking group calling themselves “The Shadow Brokers” has apparently decided to put an end to their failed attempts to sell exploits and hacking tools they claimed to have […]
Pierluigi Paganini
January 13, 2017
Let’s try to analyze some facts about the Italian EyePyramid espionage campaign. Prof. Corrado Aaron Visaggio helped us in this difficult task. The Italian EyePyramid espionage campaign raised to me two simple questions: (i) Are the criminals geniuses or dummies? (ii) How can an old, known, easy-to-detect malware infect so many machines belonging to different […]
Pierluigi Paganini
January 13, 2017
The Israeli mobile phone data extraction company Cellebrite was hacked by unknown hackers that provide the 900GB database to Motherboard. An irony of fate, the Israeli mobile phone data extraction company Cellebrite was hacked. The company went in the headlines in the dispute between Apple and the FBI in the case of the San Bernardino shooter’s […]
Pierluigi Paganini
January 12, 2017
The Internet Systems Consortium (ISC) has issued security updates to address four high severity flaws in the DNS software BIND. The Internet Systems Consortium (ISC) has issued updates to solve four high severity flaws in the DNS software BIND. The flaw could be exploited by a remote attacker to cause a DoS condition. An attacker can […]
Pierluigi Paganini
January 12, 2017
Two Italian siblings have been arrested by Italian Police and they were charged with a long-running cyber espionage campaign. This is a very intriguing story, two Italian siblings Giulio and Francesca Maria Occhionero gave been arrested by Italian Police and they were charged with a long-running cyber espionage campaign that targeted Italian politicians, lawyers, entrepreneurs, and masons. The […]
Pierluigi Paganini
January 12, 2017
Security experts from Emsisoft spotted a new strain of malware, the Spora ransomware, that allows potential victims to pay for immunity from future attacks. Security experts from Emsisoft spotted a new strain of ransomware dubbed Spora that implements a singular extortion mechanism, it allows potential victims to pay for immunity from future attacks. According to the experts, […]
