FingerprintJS experts devised a fingerprinting technique, named scheme flooding, that could allow identifying users across different desktop browsers, including the Tor Browser. FingerprintJS experts devised a new fingerprinting technique, named scheme flooding, that could allow identifying users while browsing websites using different desktop browsers, including the Tor Browser. The technique allows to profile users while […]
The operators of the Darkside ransomware announced that they have lost control of their infrastructure and part of the funds the gang obtained from the victims. Darkside ransomware operators say they have lost control of their servers and funds resulting from their extortion activity, the funds were transferred to an unknown wallet. “The funds, which […]
Magecart cybercrime gang is using favicon to hide malicious PHP web shells used to maintain remote access to inject JavaScript skimmers into online stores. Magecart hackers are distributing malicious PHP web shells hidden in website favicon to inject JavaScript e-skimmers into online stores and steal payment information. Researchers from Malwarebytes observed threat actors, likely Magecart […]
Irelandâs Health Service Executive service shut down its IT systems after they were hit with a âsignificant ransomware attack.â Another major ransomware attack made the headlines, this time the victim is Irelandâs Health Service Executive that was forced to shut down its IT systems on Friday. After being targeted with a significant ransomware attack the Health Service […]
DarkSide demanded a $5 million ransom to Colonial Pipeline, which has quickly recovered operations, did it pay? The Colonial Pipeline facility in Pelham, Alabama, was hit by a cybersecurity attack on Friday and its operators were forced to shut down its systems. The pipeline allows carrying 2.5 million barrels of refined gasoline and jet fuel […]
Rapid7 disclosed that unauthorized third-party had access to source code and customer data as result of Codecov supply chain attack. Cyber security vendor Rapid7 reveals it was impacted by the Codecov software supply chain attack, attackers had access to data for part of its customers and a small subset of its source code repositories for […]
The recent Colonial Pipeline attack highlights the dangers that are facing Critical Infrastructure worldwide. The attack perpetrated by hackers on oil company Colonial Pipeline highlights the dangers that are facing Industrial Control Systems (ICS) and the need for change in the information security landscape, The attack took place on May 7th where hackers used ransomware […]
Hi GuysI need your support. I became aware only not that we can nominate SecurityAffairs as Best Personal Blog. I need your support. Please vote Security Affairs as Best Personal cybersecurity Blog at the following link https://docs.google.com/forms/d/e/1FAIpQLSer_6yOZrL8OO6XjJ9yj3Mlq9LvuOakdTZN9ZmhkFCy1aQLdw/viewform The URL is https://securityaffairs.co/ and indicate me Pierluigi Paganini as reference Thank you!Pierluigi Follow me on Twitter: @securityaffairs […]
Microsoft warns of a malware-based campaign that targeted organizations in the aerospace and travel sectors in the past months. Microsoft researchers revealed that organizations in the aerospace and travel sectors have been targeted in the past months in a malware-based campaign. Threat actors conducted a spear-phishing campaign using messages that were specifically designed to be […]
Cisco has addressed a zero-day in the Cisco AnyConnect Secure Mobility Client VPN software, with publicly available proof-of-concept exploit code. Cisco has addressed a zero-day vulnerability in Cisco AnyConnect Secure Mobility Client, tracked as CVE-2020-3556, that was disclosed in November. The availability of a proof-of-concept exploit code for the zero-day was confirmed by the Cisco Product Security […]