Pierluigi Paganini
January 06, 2021
Threat actors are attempting to hack Zyxel devices exploiting the recently disclosed vulnerability CVE-2020-29583, security researchers warn. The Taiwanese vendor Zyxel has recently addressed a critical vulnerability in its firmware, tracked as CVE-2020-29583, related to the presence of a hardcoded undocumented secret account. The vulnerability received a CVSS score of 7.8, it could be exploited by […]
Pierluigi Paganini
January 06, 2021
A joint statement issued by US security agencies confirmed that Russia was likely the origin of the SolarWinds supply chain attack. The US agencies FBI, CISA, ODNI, and the NSA released a joint statement that blames Russia for the SolarWinds supply chain attack. On behalf of President Trump, the four agencies were part of the task force […]
Pierluigi Paganini
January 05, 2021
According to a new report published by Check Point, organizations in the healthcare industry have faced a 45% increase in attacks since November. Check Point researchers reported a surge in the number of attacks against organizations in the healthcare industry, +45% since November. This is more than double the overall increase observed by the experts […]
Pierluigi Paganini
January 05, 2021
The gaming industry under attack, Over 500,000 credentials for the top two dozen leading gaming firms, including Ubisoft, leaked online. The gaming industry is a privileged target for threat actors, threat actors leaked online over 500,000 stolen credentials belonging to the top 25 gaming firms. The alarm was raised by the threat intelligence firm Kela […]
Pierluigi Paganini
January 05, 2021
A German security researcher demonstrated how to break, once again, the Google Audio reCAPTCHA with Google’s own Speech to Text API. Back in 2017, researchers from the University of Maryland demonstrated an attack method, dubbed unCaptcha, against Google’s audio-based reCAPTCHA v2. The system receives the audio challenge, downloads it, and submits it to Speech To […]
Pierluigi Paganini
January 04, 2021
Security expert spotted a new piece of malware that leverages weaponized Word documents to download a PowerShell script from GitHub. Security expert discovered a new piece of malware uses weaponized Word documents to download a PowerShell script from GitHub. This PowerShell script is also used by threat actors to download a legitimate image file from image hosting […]
Pierluigi Paganini
January 03, 2021
During a routine Dark web monitoring, the Research team at Cyble found threat actors selling 200 million+ Records of Chinese Citizens. During a routine Dark web monitoring, the Research team at Cyble found multiple posts where threat actors are offering for sale alleged data leaks related to Chinese citizens. Data might have been stolen from […]
Pierluigi Paganini
January 01, 2021
Cybercriminals are abusing Facebook ads in a large-scale phishing scam aimed at stealing victims’ login credentials. Researchers from security firm ThreatNix spotted a new large-scale campaign abusing Facebook ads. Threat actors are using Facebook ads to redirect users to Github accounts hosting phishing pages used to steal victims’ login credentials. The campaign targeted more than […]
Pierluigi Paganini
January 01, 2021
Zyxel addressed a critical flaw in its firmware, tracked as CVE-2020-29583, related to the presence of a hardcoded undocumented secret account. The Taiwanese vendor Zyxel has addressed a critical vulnerability in its firmware related to the presence of a hardcoded undocumented secret account. The vulnerability, tracked as CVE-2020-29583 received a CVSS score of 7.8, it could be exploited […]
Pierluigi Paganini
December 31, 2020
The threat actors behind the SolarWinds supply chain attack could have had access to the source code of several Microsoft products. The threat actors behind the SolarWinds attack could have compromised a small number of internal accounts and used at least one of them to view source code in a number of source code repositories. […]
