Pierluigi Paganini
July 30, 2019
Experts spotted a Java ATM malware that was relying on the XFS (EXtension for Financial Service) API to “jackpot” the infected machine Introduction Recently our attention was caught by a really particular malware sample most probably linked toa recent cybercriminal operation against the banking sector. This piece of malicious code is a so-called ‘ATM malware‘: […]
Pierluigi Paganini
July 30, 2019
Capital One, one of the largest U.S. –card issuer and financial corporation suffered a data breach that exposed personal information from more than 100 million credit applications. A hacker that goes online with the handle “erratic” breached the systems at Capital One and gained access to personal information from 106 million Capital One credit applications. […]
Pierluigi Paganini
July 30, 2019
Security experts at Armis have discovered a dozen zero-day vulnerabilities affecting the VxWorks real-time operating systems (RTOS) for embedded devices. Researchers at Armis Labs have discovered a dozen zero-day flaws in the VxWorks real-time operating systems (RTOS) for embedded devices. The collection of vulnerabilities was dubbed URGENT/11, it includes 11 flaws, 6 of which are […]
Pierluigi Paganini
July 29, 2019
Security experts at Plugin Vulnerabilities have discovered an authenticated Persistent Cross-Site Scripting (XSS) flaw in Facebook Widget. Researchers at Plugin Vulnerabilities have discovered an authenticated Persistent Cross-Site Scripting (XSS) flaw in the Facebook Widget (Widget for Facebook Page Feeds). The plugin is one of the 1,000 most popular plugins and it was closed on the […]
Pierluigi Paganini
July 29, 2019
One of the most active drug sellers on the Dark Web was charged by law authorities and ordered to forfeit over $4 million in cryptocurrency. The US Department of Justice (DoJ) charged Richard Castro (36) (aka “Chemsusa,” “Chems_usa,” and “Jagger109”) with participating in a conspiracy to distribute carfentanil, fentanyl, and a fentanyl analogue over the […]
Pierluigi Paganini
July 29, 2019
According to experts at Sonicwall, scanning of random ports and the diffusion of encrypted malware are characterizing the threat landscape. In 2018, global malware volume recorded by SonicWall hit a record-breaking 10.52 billion attacks. The situation is better in the first half of 2019, when SonicWall recorded 4.8 billion attacks, a 20% drop compared to […]
Pierluigi Paganini
July 29, 2019
Facebook recently announced that it removed multiple pages, groups, and accounts tied to Russia involved in psyops ahead of the election in Ukraine. Facebook spotted four campaigns that appear independent, three of them associated with Russian threat actors. One of the operations involved 18 Facebook accounts, nine pages, and three groups. Threat actors attempted to […]
Pierluigi Paganini
July 29, 2019
Watch out! Playing a video on Android devices could be a dangerous operation due to a critical CVE-2019-2107 RCE flaw in Android OS between version 7.0 and 9.0. Playing a specially-crafted video on devices with the Android’s native video player application could allow attackers to compromise them due to a dangerous critical remote code execution […]
Pierluigi Paganini
July 28, 2019
Over the weekend, Jessica Alba’s Twitter account was hacked, the miscreants posted homophobic, racist and Nazi-sympathizing messages. On Saturday evening, miscreants hacked the Twitter account of the actress Jessica Alba and posted hateful, homophobic, and racist messages that remained live for hours. One of the messages posted by the hackers reads “Nazi Germany Did Nothing […]
Pierluigi Paganini
July 28, 2019
Experts at Trustwave observed threat actors using a rare technique to compromise fully patched websites. Security experts at Trustwave observed threat actors using a rare steganography technique, attackers are hiding PHP scripts in Exchangeable Image Format (EXIF) headers of JPEG images that are uploaded on the website. The Exchangeable image file format is a standard […]
