Maintainers of Packagist, the largest PHP package repository, have recently addressed a critical remote code execution vulnerability. Packagist is the default package host behind Composer, it has over 435 million package installs. The vulnerability was reported by the security researcher Max Justicz, the expert discovered that the “Submit Package” input field for submitting new PHP packages via the package […]
Julian Assange associate and author of “Information Security for Journalists” Arjen Kamphuis has disappeared, the Norwegian police is working on the case. Media agencies worldwide are reporting the strange disappearance of Arjen Kamphuis, the Julian Assange associate. The news was confirmed by WikiLeaks on Sunday, the man has been missing since August 20, when he left his hotel […]
Last week, security researchers from Trend Micro discovered a new threat actor, tracked as Urpage, that shares similarities with other three hacking crews. Researchers from Trend Micro linked a recently discovered actor, tracked as Urpage, to the hacking groups known as Bahamut, Confucius, and Patchwork. Trend Micro first connected the Confucius group to the Patchwork […]
A report published by the Centre for Cyber Security (Center for Cybersikkerhed) states that the threat to the Danish financial sector is very high. According to a report by the Centre for Cyber Security (Center for Cybersikkerhed), a department of military security agency FET (Forsvarets Efterretningstjeneste), the cyber threat against the Danish financial sector is very […]
The Wireshark team has addressed three serious vulnerabilities that could be exploited by a remote unauthenticated attacker to crash the analyzer. The Wireshark development team has fixed three serious flaws that could be exploited by a remote unauthenticated attacker to trigger a DoS condition in the worldâs most popular network protocol analyzer. The three vulnerabilities […]
A security duo composed of Saleem Rashid and Ryan Castellucci demonstrated that it is possible to hack the John McAfeeâs Bitfi cryptocurrency wallet. Today let’s discuss John McAfeeâs cryptocurrency wallet, the Bitfi wallet, defined by the popular cyber security expert “unhackable.” Unfortunately, nothing is unhackable, and the Bitfi wallet was already hacked two times. The Bitfi wallet is an Android-powered hardware device for […]
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! ·     Personal details of 37,000 Eir customers exposed […]
MagentoCore skimmer already infected 7,339 Magento stores, according to the Willem de Groot who uncovered the campaign, it is the most aggressive to date. The cybersecurity researcher Willem de Groot has uncovered a massive hacking campaign aimed at Magento stores. The hackers have already infected 7,339 Magento stores with a skimmer script, dubbed MagentoCore, that siphons payment card […]
Security experts from Kaspersky Lab have uncovered a new spam campaign leveraging the Loki Bot malware to target corporate mailboxes. The Loki Bot attacks started in July and aimed at stealing passwords from browsers, messaging applications, mail and FTP clients, and cryptocurrency wallets Loki Bot operators employ various social engineering technique to trick victims into opening weaponized attachments that […]
Security researchers from the opatch community released a micropatch for the recently disclosed Windows zero-day vulnerability. A few days ago, the security researcher who handles the Twitter account @SandboxEscaper has disclosed the details of zero-day privilege escalation vulnerability affecting Microsoftâs Windows operating systems that could be exploited by a local attacker or malicious program to obtain system privileges […]