Pierluigi Paganini
January 21, 2020
Yomi implements detection for CurveBall exploits and also supports CVE-2020-0601 exploit detection even for signed Powershell modules. The recent CurveBall vulnerability shook the Info-Sec community worldwide: a major vulnerability reported directly by the US National Security Agency. Such uncommon vulnerability reporter alerted the whole Industry, CVE-2020-0601 quickly conquered most of the headlines. The reason for this unusual outreach […]
Pierluigi Paganini
January 21, 2020
In a few days back, the MalwareMustDie team’s security researcher unixfreaxjp has published a new Linux malware analysis of Fbot that has focused on the decryption of the last encryption logic used by its bot client. This is not the first time Fbot analysis has been published, and also Fbot binaries have been actively infecting […]
Pierluigi Paganini
January 21, 2020
The US-based children’s clothing maker Hanna Andersson has disclosed a data breach that affected its customers. The US-based children’s clothing maker and online retailer Hanna Andersson discloses a data breach, attackers planted an e-skimmer on its e-commerce platform. Like other Magecart attacks, crooks compromised the online store and injected a JavaScript code into checkout pages to […]
Pierluigi Paganini
January 21, 2020
The NIST released version 1.0 of Privacy Framework, it is a tool designed to help organizations to manage privacy risks. The National Institute of Standards and Technology (NIST) has published the release version 1.0 of its privacy framework. The Framework is a voluntary tool that can be used by organizations to manage risks in compliance […]
Pierluigi Paganini
January 21, 2020
Expert found a hardcoded SSH public key in Fortinet ’s Security Information and Event Management FortiSIEM that can allow access to the FortiSIEM Supervisor. Andrew Klaus, a security specialist from Cybera, discovered a hardcoded SSH public key in Fortinet’s Security Information and Event Management FortiSIEM that can be used by attackers to the FortiSIEM Supervisor. […]
Pierluigi Paganini
January 20, 2020
Mitsubishi Electric disclosed a security breach that might have exposed personal and confidential corporate information. Mitsubishi Electric disclosed a security breach that might have exposed personal and confidential corporate data. According to the company, attackers did not obtain sensitive information about defense contracts. The breach was detected almost eight months ago, on June 28, 2019, […]
Pierluigi Paganini
January 20, 2020
The Chairman of the NATO Military Committee announced that the alliance has sent a counter-hybrid team to Montenegro to face Russian hybrid attacks. Last week in Brussels, the Chairman of the NATO Military Committee (MC), Marshal Sir Stuart Peach, announced the effort of the Alliance in facing Russian hybrid attacks. The term “Hybrid warfare” refers to […]
Pierluigi Paganini
January 20, 2020
Citrix addressed the actively exploited CVE-2019-19781 flaw in Citrix Application Delivery Controller (ADC), Citrix Gateway, and Citrix SD-WAN WANOP appliances. Citrix has released security patches to address actively exploited CVE-2019-19781 vulnerability in Citrix Application Delivery Controller (ADC), Citrix Gateway, and Citrix SD-WAN WANOP appliances. While security researchers were warning of ongoing scans for Citrix Application Delivery Controller […]
Pierluigi Paganini
January 20, 2020
The WP Database Reset WordPress plugin is affected by an “easily exploitable” vulnerability that can allow attackers to take over vulnerable sites. Security experts from Wordfence discovered two security vulnerabilities in the WP Database Reset WordPress plugin that can van be used to take over the vulnerable websites. The WordPress Database Reset plugin allows users to reset the […]
Pierluigi Paganini
January 20, 2020
Researchers from Cisco Talos discovered a new Trojan named JhoneRAT that was used in targeted attacks against entities in the Middle East. A new Trojan named JhoneRAT appeared in the threat landscape, it is selectively attacking targets in the Middle East by checking keyboard layouts. The malware targets a very specific set of Arabic-speaking countries, […]
Cyber Crime / December 09, 2025
