Pierluigi Paganini
April 22, 2019
Experts at security firm SafeGuard reported that Russian Twitter bot activity raised up by 286 percent in the wake of the release of the Mueller Report. Experts at security firm SafeGuard reported that Russian Twitter bot activity raised up by 286 percent in the wake of the release of the Mueller Report. Social media platforms […]
Pierluigi Paganini
April 22, 2019
Palo Alto Networks Unit 42 researchers uncovered a malicious campaign targeting entities in North America, Europe, Asia, and the Middle East with RevengeRAT. The campaign was carried out during March, threat actors tracked as Aggah” used pages hosted on Bit.ly, BlogSpot, and Pastebin as a command-and-control (C2) infrastructure to distribute the RevengeRAT. Attackers hit organizations […]
Pierluigi Paganini
April 22, 2019
Researcher discovered a high-severity flaw in Shopify e-commerce platform that could have been abused to expose the traffic and revenue data for the stores. Bug bounty hunter Ayoub Fathi. discovered a vulnerability in a Shopify API endpoint that could be exploited to leak the revenue and traffic data of thousands of stores. The Shopify platform […]
Pierluigi Paganini
April 21, 2019
Security researcher discovered a database belonging to a ride-hailing company operating in Iran that was left exposed online containing over 6.7M records. Security researcher Bob Diachenko discovered a database belonging to a ride-hailing company operating in Iran that was left exposed online without protection. The MongoDB instance named ‘doroshke-invoice-production‘ contained over 6.7 million records of […]
Pierluigi Paganini
April 21, 2019
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Kindle Edition Paper Copy Once again thank you! Attackers hacked support agent to access Microsoft Outlook email accounts Major coordinated disinformation campaign hit the Lithuanian Defense Romanian duo convicted of fraud Scheme infecting 400,000 computers Security Affairs […]
Pierluigi Paganini
April 21, 2019
Researcher discovered eight unsecured databases exposed online that contained approximately 60 million records of LinkedIn user data. Researcher Sanyam Jain at GDI foundation discovered eight unsecured databases exposed online that contained approximately 60 million records of LinkedIn user data. Most of the data are publicly available, the databases also include the email addresses of the […]
Pierluigi Paganini
April 21, 2019
A new service called Inpivx represents the evolution of the ransomware-as-a-service making it very easy for wannabe crooks to develop their malware and build a management panel. A new Tor hidden service called Inpivx evolves the concept of the ransomware-as-a-service making it very easy for crooks without technical skills to develop their own malware and […]
Pierluigi Paganini
April 20, 2019
British malware researcher Marcus Hutchins has pleaded guilty to developing and sharing the banking malware between July 2014 and July 2015. The popular British cybersecurity expert Marcus Hutchins has pleaded guilty to developing and sharing the Kronos banking malwarebetween July 2014 and July 2015. Marcus Hutchins, also known as MalwareTech, made the headlines after discovering […]
Pierluigi Paganini
April 20, 2019
Antivirus solutions from different vendors are having malfunctions after the installation of Windows security patches released on April 9, including McAfee, Avast and Sophos. Antivirus solutions from different vendors are showing malfunctions after the installation of Windows security patches released on April 9. Antivirus solutions from Sophos, Avira, ArcaBit, Avast, and recently McAfee reported security […]
Pierluigi Paganini
April 20, 2019
Google this week announced that it is going to block login attempts from embedded browser frameworks to prevent man-in-the-middle (MiTM) phishing attacks. Phishing attacks carried out by injecting malicious content in legitimate traffic are difficult to detect when attackers use an embedded browser framework or any other automated tool for authentication. For example, the embedded […]
