Pierluigi Paganini
October 21, 2021
A vulnerability in the WinRAR is a trialware file archiver utility for Windows could be exploited by a remote attacker to hack a system. Positive Technologies researcher Igor Sak-Sakovskiy discovered a remote code execution vulnerability, tracked as CVE-2021-35052, in the popular WinRAR trialware file archiver utility for Windows. The vulnerability affects the trial version of […]
Pierluigi Paganini
October 20, 2021
A Cookie Theft malware was employed in phishing attacks against YouTube creators, Google’s Threat Analysis Group (TAG) warns. Financially motivated threat actors are using Cookie Theft malware in phishing attacks against YouTube creators since late 2019. According to Google’s Threat Analysis Group (TAG) researchers, who spotted the campaign, the attacks were launched by multiple hack-for-hire […]
Pierluigi Paganini
October 20, 2021
China-linked cyberespionage group LightBasin hacked mobile telephone networks around the world and used specialized tools to access calling records. A China-linked hacking group, tracked as LightBasin (aka UNC1945), hacked mobile telephone networks around the globe and used specialized tools to access calling records and text messages from telecommunications companies. The cyberespionage group has been active […]
Pierluigi Paganini
October 20, 2021
Zero-day exploit broker Zerodium announced it is looking for zero-day vulnerabilities in the Windows clients of ExpressVPN, NordVPN, and Surfshark. Zerodium is looking to pay for zero-day exploits for vulnerabilities in the Windows clients of three virtual private network (VPN) service providers, ExpressVPN, NordVPN, and Surfshark. The company announced with a message posted on Twitter: […]
Pierluigi Paganini
October 19, 2021
Symantec spotted a previously unknown nation-state actor, tracked as Harvester, that is targeting telecommunication providers and IT firms in South Asia. Symantec spotted a previously unknown nation-state actor, tracked as Harvester, that is using a custom implant, dubbed Backdoor.Graphon, in attacks aimed at telecommunication providers, IT firms, and government entities in South Asia. At this […]
Pierluigi Paganini
October 18, 2021
The Uptycs Threat Research Team spotted a campaign in which the TeamTNT threat actors deployed a malicious container image on Docker hub. The Uptycs Threat Research Team recently identified a campaign in which the TeamTNT threat actors deployed a malicious container image (hosted on Docker Hub) with an embedded script to download Zgrab scanner and masscanner—penetration testing tools […]
Pierluigi Paganini
October 18, 2021
Experts discovered several unprotected installs of open source event monitoring solution Prometheus that may expose sensitive data. JFrog researchers have discovered multiple unprotected instances of open source event monitoring solution Prometheus that may leak sensitive data. The solution scrapes real-time metrics from multiple endpoints, it is used by several major organizations such as Uber. Prometheus’ […]
Pierluigi Paganini
October 18, 2021
Researchers warn of an Ad-Blocking Chrome extension that was abused by threat actors to Injecting Ads in Google search pages. Researchers from Imperva have spotted a new deceptive ad injection campaign that is targeting users of some large websites leveraging an AD-blocking extension, named AllBlock, that is available on both Chrome and Opera browsers. Ad […]
Pierluigi Paganini
October 17, 2021
White hat hackers earned $1.88 million at the Tianfu Cup hacking contest by finding vulnerabilities in popular software. The Tianfu Cup is the most important hacking contest held in China, this year white hat hackers earned $1.88 Million demonstrating vulnerabilities in popular software. The edition of this year took place on October 16 and 17 […]
Pierluigi Paganini
October 16, 2021
Russia-linked TA505 group leverages a lightweight Office file to spread malware in a campaign, tracked as MirrorBlast, aimed at financial institutions. Russia-linked APT group TA505 (e.g. Evil Corp) is leveraging a lightweight Office file in a new malware campaign, tracked as MirrorBlast, targeting financial institutions in multiple geographies. TA505 hacking group has been active since 2014 […]
