Hacking

Pierluigi Paganini November 25, 2020
Group-IB Hi-Tech Crime Trends 2020/2021 report

Group-IB, a global threat hunting and intelligence company, has presented its annual Hi-Tech Crime Trends 2020/2021 report. In the report, the company examines key shifts in the cybercrime world internationally between H2 2019 and H1 2020 and gives forecasts for the coming year. The most severe financial damage has occurred as a result of ransomware activity. […]

Pierluigi Paganini November 24, 2020
2FA bypass in cPanel potentially exposes tens of millions of websites to hack

2FA bypass discovered in web hosting software cPanel. More than 70 million sites are managed via cPanel software, according to the company. Researchers discovered a major issue in cPanel that could be exploited by attackers to bypass two-factor authentication for cPanel accounts. Security researchers from Digital Defense have discovered a major security issue in cPanel, a popular […]

Pierluigi Paganini November 24, 2020
Microsoft fixes Kerberos Authentication issues with an out-of-band Update

Microsoft released an out-of-band update for Windows to address authentication flaws related to a recently patched Kerberos vulnerability. Microsoft released an out-of-band update to address authentication issues in Windows related to a recently patched Kerberos vulnerability tracked as CVE-2020-17049. “An out-of-band optional update is now available on the Microsoft Update Catalog to address a known […]

Pierluigi Paganini November 24, 2020
Crooks social-engineered GoDaddy staff to take over crypto-biz domains

Crooks were able to trick GoDaddy staff into handing over control of crypto-biz domain names in a classic DNS hijacking attack. Crooks were able to hijack traffic and email to various cryptocurrency-related websites as a result of a DNS hijacking attack on domains managed by GoDaddy. The threat actors were able to modify DNS settings […]

Pierluigi Paganini November 24, 2020
Credential stuffing attack targeted 300K+ Spotify users

Researchers uncovered a possible credential stuffing campaign that is targeting Spotify accounts using a database of 380 million login credentials. Security experts from vpnMentor have uncovered a possible credential stuffing operation that affected some Spotify accounts. Threat actors behind the campaign are using a database containing over 380 million records, including login credentials and other data for […]

Pierluigi Paganini November 23, 2020
Researchers show how to steal a Tesla Model X in a few minutes

Boffins have demonstrated how to steal a Tesla Model X in a few minutes by exploiting vulnerabilities in the car’s keyless entry system. A team of researchers from the Computer Security and Industrial Cryptography (COSIC) group at the KU Leuven University in Belgium has demonstrated how to steal a Tesla Model X in minutes by […]

Pierluigi Paganini November 23, 2020
TikTok fixed security issues that could have led one-click account takeover

TikTok has addressed a couple of security issues that could have been chained to lead to account takeover. The first issue addressed by the social media platform is a reflected XSS security flaw that was reported by the bug bounty hunter Muhammed “milly” Taskiran via the bug bounty platform HackerOne. The cross-site scripting flaw affected the company […]

Pierluigi Paganini November 23, 2020
FBI issued an alert on Ragnar Locker ransomware activity

The U.S. FBI is warning private industry partners of a surge in Ragnar Locker ransomware activity following a confirmed attack from April 2020. The U.S. Federal Bureau of Investigation (FBI) issued a flash alert (MU-000140-MW) to warn private industry partners of an increase in Ragnar Locker ransomware activity following a confirmed attack from April […]

Pierluigi Paganini November 22, 2020
Threat actor shared a list of 49,577 IPs vulnerable Fortinet VPNs

A threat actor has published online a list of one-line exploits to steal VPN credentials from over 49,000 vulnerable Fortinet VPNs. A threat actor, who goes online with the moniker “pumpedkicks,” has leaked online a list of exploits that could be used to steal VPN credentials from almost 50,000 Fortinet VPN devices. Researchers from Bank Security first […]

Pierluigi Paganini November 22, 2020
Hundreds of female sports stars and celebrities have their naked photos and videos leaked online

Hackers have stolen naked photos and videos from hundreds of female sports stars and celebrities and leaked them online. Threat actors have stolen naked photos and videos from hundreds of female sports stars and celebrities and leaked them online. The attack took place in the same hours as hackers hit Manchester United and brings us back […]