Breaking News

Pierluigi Paganini December 28, 2020
Threat actor is selling a dump allegedly including 2,5M customers of service provider Ho Mobile

Threat intelligence analyst discovered a threat actor that is selling a database of the Italian mobile service provider Ho mobile. Threat intelligence analyst @Bank_Security first spotted on a popular hacking forum a threat actor that is selling a database allegedly containing the database of the Italian mobile service provider Ho mobile. Ho mobile is an […]

Pierluigi Paganini December 28, 2020
Finland confirms that hackers breached MPs’ emails accounts

The Parliament of Finland confirmed that threat actors had access to email accounts of multiple members of parliament (MPs).  “Parliament of Finland has been subjected to a cyberattack in the fall of 2020. The attack was discovered by parliament technical surveillance. Some parliament e-mail accounts may have been compromised as a result of the attack, […]

Pierluigi Paganini December 28, 2020
Nefilim ransomware operators leak data stolen from Whirlpool

The American multinational manufacturer and marketer of home appliances Whirlpool was hit by the Nefilim ransomware gang. The American multinational manufacturer and marketer of home appliances Whirlpool suffered a ransomware attack, Nefilim ransomware operators claim to have stolen data from the company and threaten to release the full dump if the company will not pay the ransom. The leak comes after failed […]

Pierluigi Paganini December 28, 2020
Multi-platform card skimmer targets Shopify, BigCommerce, Zencart, and Woocommerce stores

Experts warn of a multi-platform credit card skimmer that can target online stores running on Shopify, BigCommerce, Zencart, and Woocommerce. Security experts have discovered a multi-platform credit card skimmer that can allow threat actors to harvest payment info on compromised stores powered by Shopify, BigCommerce, Zencart, and Woocommerce. Researchers from security firm Sansec discovered that the new […]

Pierluigi Paganini December 28, 2020
E-commerce app 21 Buttons exposes millions of users’ data

Researchers discovered that the popular e-commerce app 21 Buttons was exposing private data for 100s of influencers across Europe. Researchers from cybersecurity firm vpnMentor discovered that the e-commerce app 21 Buttons was exposing private data for 100s of influencers across Europe. 21 Buttons allows users to shares photos of their outfits with links to the brands they’re […]

Pierluigi Paganini December 27, 2020
Vermont Hospital confirmed the ransomware attack

The Burlington-based University of Vermont Health Network has finally admitted that ransomware was behind the October attack. In October, threat actors hit the Wyckoff Heights Medical Center in Brooklyn and the University of Vermont Health Network. The cyber attack took place on October 28 and disrupted services at the UVM Medical Center and affiliated facilities. A […]

Pierluigi Paganini December 27, 2020
Security Affairs newsletter Round 294

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. A massive fraud operation used mobile device emulators to steal millions from online bank accounts SolarWinds hackers also breached the US NNSA nuclear agency Clop ransomware gang paralyzed flavor and […]

Pierluigi Paganini December 27, 2020
HackerOne announces first bug hunter to earn more than $2M in bug bounties

White hat hacker could be a profitable profession, Cosmin Iordache earned more than $2M reporting flaws through the bug bounty program HackerOne. Iordache is the first bug bounty hunter to earn more than $2,000,000 in bounty awards through the vulnerability coordination and bug bounty program HackerOne. HackerOne announced that the bug bounty hunter Cosmin Iordache (@inhibitor181) […]

Pierluigi Paganini December 27, 2020
SolarWinds releases updated advisory for SUPERNOVA backdoor

SolarWinds released an updated advisory for the SuperNova malware discovered while investigating the recent supply chain attack. SolarWinds has released an updated advisory for the SuperNova backdoor that was discovered while investigating the recent SolarWinds Orion supply-chain attack. The SuperNova backdoor was likely used by a separate threat actor. After the initial disclosure of the […]

Pierluigi Paganini December 26, 2020
GoDaddy apologized for insensitive phishing email sent to its employees offering a fake bonus

GoDaddy made the headlines for an initiative that is dividing cybersecurity community, it sent phishing messages offering bonuses to its employees. GoDaddy sent an email to its employee that promised a Christmas bonus to help them to face economic problems caused by the ongoing COVID-19 pandemic. The web provider apologized Thursday for the cyber security test […]