Hacking

Pierluigi Paganini April 08, 2021
Cisco fixed multiple flaws in SD-WAN vManage Software, including a critical RCE

Cisco has addressed a critical pre-authentication remote code execution (RCE) vulnerability in the SD-WAN vManage Software. Cisco has addressed multiple vulnerabilities in Cisco SD-WAN vManage Software that could be exploited by an unauthenticated, remote attacker to execute arbitrary code or by an authenticated, local attacker to gain escalated privileges on vulnerable systems. The most severe vulnerability […]

Pierluigi Paganini April 08, 2021
User database was also hacked in the recent hack of PHP ‘s Git Server

The maintainers of the PHP programming language confirmed that threat actors may have compromised a user database containing their passwords. The maintainers of the PHP programming language have provided an update regarding the security breach that took place on March 28. Unknown attackers hacked the official Git server of the PHP programming language and pushed […]

Pierluigi Paganini April 07, 2021
Pwn2Own 2021 Day 1 – participants earned more than $500k

The Pwn2Own 2021 hacking competition has begun and white hat hackers participants earned more than $500000 on the first day. The Pwn2Own 2021 has begun, this year the formula for the popular hacking competition sees the distribution of the participants amongst various locations. The competition’s organizer, Trend Micro’s Zero Day Initiative (ZDI), describes this year’s […]

Pierluigi Paganini April 07, 2021
European Commission and other institutions were hit by a major cyber-attack

Not only the European Commission, but many other organizations of the European Union have been targeted by a cyberattack in March. A European Commission spokesperson confirmed that the European Commission, along with other European Union organizations, was hit by a cyberattack in March. The authorities did not disclose any details about the type of threats […]

Pierluigi Paganini April 06, 2021
SAP systems are targeted within 72 hours after updates are released

On-premises SAP systems are targeted by threat actors within 72 hours after security patches are released, security SAP security firm Onapsis warns. According to a joint study published by Onapsis and SAP, on-premises SAP systems are targeted by threat actors within 72 hours after security patches are released. Threat actors perform reverse-engineering of the SAP […]

Pierluigi Paganini April 06, 2021
Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

China-linked APT group Cycldek is behind an advanced cyberespionage campaign targeting entities in the government and military sector in Vietnam. China-linked APT group LuckyMouse (aka Cycldek, Goblin Panda, Hellsing, APT 27, and Conimes) is targeting government and military organizations in Vietnam with spear-phishing. The threat actors are sending out spear-phishing messages to compromise diplomatic targets in Southeast […]

Pierluigi Paganini April 05, 2021
33.4% of ICS computers hit by a cyber attack in H2 2020

H2 2020 – Kaspersky observed an increase in ransomware attacks on industrial control system (ICS) systems in developed countries. Cybersecurity firm Kaspersky has published the Industrial Control System Threat Landscape report for H2 2020 which is based on statistical data collected by the distributed antivirus Kaspersky Security Network (KSN).  The data analyzed by the experts were received […]

Pierluigi Paganini April 05, 2021
Firmware attacks, a grey area in cybersecurity of organizations

A new report published by Microsoft revealed that 80% of global enterprises were victims of a firmware-focused cyberattack. Microsoft recently published a report that states, titled “March 2021 Security Signals report,” that revealed that more than 80% of enterprises were victims of at least one firmware attack in the past two years. The study pointed out that […]

Pierluigi Paganini April 03, 2021
Capital One discovered more customers’ SSNs exposed in 2019 hack

More clients of Capital One have been impacted in the 2019 data breach, the US bank is notifying them of their SSNs exposure. US bank Capital One notified a number of additional customers that their Social Security numbers were exposed in the data breach that took place in July 2019. A hacker that was going […]

Pierluigi Paganini April 03, 2021
Attackers are abusing GitHub infrastructure to mine cryptocurrency

The popular code repository hosting service GitHub is investigating a crypto-mining campaign abusing its infrastructure. Code repository hosting service GitHub launched an investigation in a series of attacks aimed at abusing its infrastructure to illicitly mine cryptocurrency. Such kind of attacks was reported at least since the end of 2020, when some software developers reported the malicious activity […]