Pierluigi Paganini
November 10, 2020
Ransomware operators use fake Microsoft Teams updates to deploy Cobalt Strike and compromise the target networks. Ransomware operators are using malicious fake Microsoft Teams updates to deliver backdoors that lead the installation of the Cobalt Strike post-exploitation tool and compromise the target network. The ongoing COVID-19 pandemic is forcing a growing number of organizations and […]
Pierluigi Paganini
November 10, 2020
Researchers from Kaspersky Lab spotted a new Android banking Trojan, dubbed Ghimob, that is able to steal data from 112 financial Apps Ghimob is a new Android banking Trojan discovered by Kaspersky that is able to steal data from 112 financial apps. In July, cybersecurity researchers from Kaspersky Lab have detailed four different families of […]
Pierluigi Paganini
November 09, 2020
While investigating a cyber attack on the Microsoft Exchange server of an organization in Kuwait, experts found two new Powershell backdoors. Security experts from Palo Alto Networks have spotted two never-before-detected Powershell backdoors while investigating an attack on Microsoft Exchange servers at an organization in Kuwait. Experts attribute the attack to a known threat actor […]
Pierluigi Paganini
November 09, 2020
The Taiwanese electronics manufacture Compal suffered a ransomware attack over the weekend, media blames the DoppelPaymer ransomware gang. Compal Electronics is a Taiwanese original design manufacturer (ODM), handling the production of notebook computers, monitors, tablets and televisions for a variety of clients around the world, including Apple Inc., Acer, Lenovo, Dell, Toshiba, Hewlett-Packard and Fujitsu. […]
Pierluigi Paganini
November 09, 2020
The FBI warns that threat actors are abusing misconfigured SonarQube applications to steal source code from US government agencies and businesses. The Federal Bureau of Investigation has issued an alert warning that threat actors are abusing misconfigured SonarQube applications to access and steal source code repositories from US government agencies and businesses. The alert, coded […]
Pierluigi Paganini
November 09, 2020
Many popular OS and applications have been hacked during this year’s edition of the Tianfu Cup hacking competition. This year’s edition of the Tianfu Cup hacking competition was very prolific, bug bounty hackers have discovered multiple vulnerabilities in multiple software and applications. The Tianfu Cup is the most important hacking contest held in China, the […]
Pierluigi Paganini
November 08, 2020
On the third day of the Pwn2Own Tokyo 2020 bug bounty hunters hacked a Synology NAS and had multiple partial successes. We are on day three of the popular Pwn2Own Tokyo hacking competition that due to the COVID-19 pandemic has been arranged as a virtual event. The Pwn2Own Tokyo is actually coordinated by Zero Day Initiative from Toronto, […]
Pierluigi Paganini
November 08, 2020
A data breach suffered by Luxottica has exposed the personal and health information of patients of LensCrafters, Target Optical, and EyeMed. Luxottica Group S.p.A. is an Italian eyewear conglomerate and the world’s largest company in the eyewear industry. As a vertically integrated company, Luxottica designs, manufactures, distributes and retails its eyewear brands, including LensCrafters, Sunglass Hut, […]
Pierluigi Paganini
November 08, 2020
Experts spotted a creative Office 365 phishing campaign that inverts images used as backgrounds for landing pages to avoid getting flagged as malicious. Researchers at WMC Global have spotted a new creative Office 365 phishing campaign that has been inverting images used as backgrounds for landing pages to avoid getting flagged as malicious by security […]
Pierluigi Paganini
November 07, 2020
On the second day of the Pwn2Own Tokyo 2020 hacking competition, bug bounty hunters hacked a TP-Link router and a Synology NAS. Day 2 of the popular Pwn2Own Tokyo hacking competition is concluded, due to the COVID-19 pandemic the competition has been arranged as a virtual event. The Pwn2Own Tokyo is actually coordinated by Zero Day Initiative from […]
