Pierluigi Paganini
January 19, 2021
Cyber security firm Malwarebytes announced that threat actor behind the SolarWinds attack also breached its network last year. Malwarebytes revealed today that SolarWinds hackers also breached its systems and gained access to its email. Malwarebytes joins the club of security firms that were hit by Solarwinds attackers, after FireEye, Microsoft, and CrowdStrike. The intrusion took […]
Pierluigi Paganini
January 19, 2021
The threat actors behind the SolarWinds attack used malware dubbed Raindrop for lateral movement and deploying additional payloads. Security experts from Symantec revealed that threat actors behind the SolarWinds supply chain attack leveraged a malware named Raindrop for lateral movement and deploying additional payloads. Raindrop is the fourth malware that was discovered investigating the SolarWinds […]
Pierluigi Paganini
January 19, 2021
Security researchers uncovered a series of attacks conducted by the FreakOut botnet that leveraged recently discovered vulnerabilities. Security researchers from Check Point have uncovered a series of attacks associated with the FreakOut botnet that is targeting multiple unpatched flaws in applications running on top of Linux systems. The botnet appeared in the threat landscape in […]
Pierluigi Paganini
January 19, 2021
The Federal Bureau of Investigation (FBI) has issued a notification warning of ongoing vishing attacks attempting to steal corporate accounts. The Federal Bureau of Investigation (FBI) published a Private Industry Notification (PIN) that warns of ongoing vishing attacks aimed at stealing corporate accounts and credentials from US and international-based employees. Vishing (also known as voice phishing) is a social engineering […]
Pierluigi Paganini
January 18, 2021
The OpenWRT forum, the community behind the open-source project for embedded operating systems based on Linux, disclosed a data breach. OpenWrt is an open-source project for embedded operating systems based on Linux, primarily used on embedded devices to route network traffic. The main components are Linux, util-linux, musl, and BusyBox. All components have been optimized […]
Pierluigi Paganini
January 18, 2021
Experts from Cyble recently found a leak of 500K+ records of C-level people from Capital Economics on a Russian-speaking forum. During a routine Darkweb monitoring, researchers from Cyble found a leak of 500K+ records of C-level people from Capital Economics on a Russian-speaking forum. CapitalEconomics.com is one of the leading independent economic research companies in the world that provides macroeconomic, financial market and sectoral forecasts and consultancy. […]
Pierluigi Paganini
January 18, 2021
A duo of white hat hackers claims to have earned $50,000 from Apple for reporting serious flaws that allowed them to company’s servers. The Indian white hat hackers Harsh Jaiswal and Rahul Maini claim to have discovered multiple flaws that allowed them to access Apple servers. The duo started focusing on Apple’s infrastructure in an […]
Pierluigi Paganini
January 17, 2021
Two vulnerabilities in the Orbit Fox WordPress plugin, a privilege-escalation issue and a stored XSS bug, can allow site takeover. Security experts from Wordfence have discovered two security vulnerabilities in the Orbit Fox WordPress plugin. The flaws are a privilege-escalation vulnerability and a stored XSS bug that impacts over 40,000 installs. The Orbit Fox plugin […]
Pierluigi Paganini
January 16, 2021
The development team behind the Linux Mint distro has fixed a security flaw that could have allowed users to bypass the OS screensaver. The maintainers of the Linux Mint project have addressed a security bug that could have allowed attackers to bypass the OS screensaver. The curious aspect of this vulnerability is related to its […]
Pierluigi Paganini
January 15, 2021
The researcher John Page launched malvuln.com, the first website exclusively dedicated to the research of security flaws in malware codes. The security expert John Page (aka hyp3rlinx) launched malvuln.com, the first platform exclusively dedicated to the research of security flaws in malware codes. The news was first announced by SecurityWeek, the researcher explained that Malvuln is […]
