Pierluigi Paganini
June 04, 2021
PrivacyAffairs released the Dark Web Index 2021, the document provides the prices for illegal services/products available in the black marketplaces. Over the last couple of years, we’ve all had our attention fixed on one of two things: the global pandemic and the previous year’s presidential elections. Both issues are essential, and the pandemic has changed […]
Pierluigi Paganini
June 02, 2021
A critical zero-day vulnerability in the Fancy Product Designer WordPress plugin exposes more than 17,000 websites to attacks. Researchers from the Wordfence team at WordPress security company Defiant warn that a critical zero-day vulnerability, tracked as CVE-2021-24370, in the Fancy Product Designer WordPress plugin is actively exploited in the wild. Fancy Product Designer is a […]
Pierluigi Paganini
June 02, 2021
CyberNews researchers found that front-runners are abusing decentralized cryptocurrency exchanges by draining hundreds of millions in crypto from trader transactions on the Ethereum network. Unsuspecting traders can lose as much as $280 million to front-runners each month. Original post on CyberNews: https://cybernews.com/crypto/flash-boys-2-0-front-runners-draining-280-million-per-month-from-crypto-transactions/ As the price of bitcoin and Ether reached unprecedented highs in the past […]
Pierluigi Paganini
June 02, 2021
Group-IB discovered a database allegedly belonging to a bulletproof hosting provider DDoS-Guard posted for sale on a cybercrime forum. Group-IB, a global threat hunting and adversary-centric cyber intelligence company specializing in investigating and preventing hi-tech cybercrimes, has discovered a database allegedly belonging to a bulletproof hosting provider DDoS-Guard posted for sale on a cybercrime forum on […]
Pierluigi Paganini
June 02, 2021
Zero-day exploit broker Zerodium is looking for 0day exploits affecting the IM client tool Pidgin on Windows and Linux. Zero-day exploit broker Zerodium announced it is looking for 0day exploits affecting the IM client tool Pidgin on Windows and Linux. The company will pay up to $100,000 for zero-days in Pidgin, which is a free and open-source multi-platform instant […]
Pierluigi Paganini
June 02, 2021
The US DoJ seized two domains used by APT29 group in recent attacks impersonating the U.S. USAID to spread malware. The US Department of Justice (DoJ) and the Federal Bureau of Investigation have seized two domains used by the Russia-linked APT29 group in spear-phishing attacks that targeted government agencies, think tanks, consultants, and NGOs. Russia-linked […]
Pierluigi Paganini
May 31, 2021
The Swedish Public Health Agency has shut down the country’s infectious diseases database, SmiNet, last week after multiple hacking attempts. The Swedish Public Health Agency was forced to shut down its infectious diseases database, named SmiNet, in response to a series of hacking attempts. The Swedish Agency cannot report complete data from Wednesday at 4 […]
Pierluigi Paganini
May 31, 2021
A security researcher discovered a bug in PatchGuard Windows security feature that can allow loading unsigned malicious code into the Windows kernel. Japanese researcher Kento Oki has discovered a bug in PatchGuard that could be exploited by an attacker to load unsigned malicious code into the Windows operating system kernel. The PatchGuard, also known as […]
Pierluigi Paganini
May 31, 2021
Hackers are attempting to exploit the return to the “new normal” after the governments are removing restrictions imposed in response to COVID-19. The number of COVID-19 infections are decreasing in many countries and some governments are reducing the restrictions for their citizens. Workers are going back to offices after months of remote working and crooks […]
Pierluigi Paganini
May 30, 2021
Researchers disclosed two new attack techniques that allow modifying visible content on certified PDF documents without invalidating the digital signature. Researchers from Ruhr-University Bochum have disclosed two new attack techniques, dubbed Evil Annotation and Sneaky Signature attacks, on certified PDF documents that could potentially allow attackers to modify visible content without invalidating their digital signature. The […]
