Pierluigi Paganini
December 17, 2019
Another year is ending and this is the right time to discover which are the worst passwords of 2019 by analyzing data leaked in various data breaches. Independent anonymous researchers, compiled and shared with security firm NordPass a list of 200 most popular passwords that were leaked in data breaches during 2019. The company collected […]
Pierluigi Paganini
December 16, 2019
Schneider Electric addressed several vulnerabilities in some Modicon controllers and several EcoStruxure products. Schneider Electric addresses three denial-of-service (DoS) vulnerabilities Schneider Electric Modicon M580, M340, Quantum and Premium controllers. The vendor has informed its customers that all three flaws are caused by improper check for unusual or exceptional conditions. The three vulnerabilities are: The first […]
Pierluigi Paganini
December 16, 2019
NPM, the biggest package manager for JavaScript libraries, has addressed a vulnerability that could be exploited to execute “binary planting” attacks. NPM maintainers have addressed a vulnerability that could allow a package publisher to modify and/or gain access to arbitrary files on a userâs system when the package is installed, so-called “binary planting” attacks. The vulnerability […]
Pierluigi Paganini
December 15, 2019
From iPhone to NT AUTHORITY\SYSTEM – As promised in my previous post, I will show you how to exploit the âPrintconfigâ dll with a real world example. But what does Appleâs iPhone have to do with it?? Well, keep on readingâŠÂ (sorry no) Some time ago, me and my âbusiness partnerâ @padovah4ck, were looking for possible privileged […]
Pierluigi Paganini
December 15, 2019
Iran telecommunications minister announced that for the second time in a week Iran has foiled a cyber attack against its infrastructure. Iran has foiled a new cyber-attack, the country’s telecommunications minister Mohammad Javad Azari-Jahromi says. A few days ago, the Iranian telecommunications minister Mohammad Javad Azari Jahromi, announced that the Islamic Republic had recently thwarted […]
Pierluigi Paganini
December 15, 2019
The largest hospital in New Jersey announced on Friday that a ransomware attack last week disrupted its network and that it paid a ransom. The largest hospital in New Jersey, the Hackensack Meridian Health, was the victim of a ransomware attack last week that disrupted its network, the IT staff decided to pay the ransom […]
Pierluigi Paganini
December 15, 2019
A new round of the weekly newsletter arrived! The best news of the week with Security Affairs SEC Xtractor â Experts released an open-source hardware analysis tool US authorities charged Dridex gang members for stealing over $100 Million A bug in the decryptor for the Ryuk ransomware could cause data loss China 3-5-2 directive orders […]
Pierluigi Paganini
December 14, 2019
The city of New Orleans is the last victim of a string of ransomware attacks that hit major American cities, including Atlanta and Baltimore. New Orleans officials announced in a press conference that the city was hit by a ransomware attack, the incident was discovered in the morning of December 13, 2019. The IT staff […]
Pierluigi Paganini
December 13, 2019
Experts discovered tens of flaws in the Siemens SPPA-T3000 control systems that could be exploited to attack fossil and renewable power plants. Siemens informed customers that the SPPA-T3000 Application Server is affected by 19 vulnerabilities and the SPAA-T3000 MS3000 Migration Server is impacted by 35 security issues. Some of the vulnerabilities have been rated as […]
Pierluigi Paganini
December 13, 2019
Shopin founder charged by SEC for running $42 million scam cryptocurrency ICO The US Securities and Exchange Commission (SEC) has charged the founder of Shopin, Eran Eyal, for allegedly running $42 million scam ICO. The Securities and Exchange Commission today charged a digital-asset entrepreneur and his company with defrauding investors in an initial coin offering (ICO) […]
