Pierluigi Paganini
December 30, 2020
US Cybersecurity and Infrastructure Security Agency (CISA) urges US federal agencies to update the SolarWinds Orion software by the end of the year. The US Cybersecurity and Infrastructure Security Agency (CISA) has updated its official guidance to order US federal agencies to update the SolarWinds Orion platforms by the end of the year. According to […]
Pierluigi Paganini
December 30, 2020
Google has addressed a bug in its feedback tool incorporated across its services that could have allowed attackers to view users’ private docs. Google has addressed a flaw in its feedback tool that is part of multiple of its services that could be exploited by attackers to take screenshots of sensitive Google Docs documents by […]
Pierluigi Paganini
December 29, 2020
Microsoft says that SolarWinds hackers aimed at compromising the victims’ cloud infrastructure after deploying the Solorigate backdoor (aka Sunburst). The Microsoft 365 Defender Team revealed that the goal of the threat actors behind the SolarWinds supply chain attack was to move to the victims’ cloud infrastructure once infected their network with the Sunburst/Solorigate backdoor. “With […]
Pierluigi Paganini
December 29, 2020
Japanese giant Kawasaki Heavy Industries discovered unauthorized access to a Japanese company server from multiple overseas offices. Kawasaki Heavy Industries disclosed a security breach, the company discovered unauthorized access to a Japanese company server from multiple overseas offices. Information from its overseas offices might have been stolen as a result of a security breach that […]
Pierluigi Paganini
December 29, 2020
Cybersecurity and Infrastructure Security Agency (CISA) released a tool for detecting potentially malicious activities in Azure/Microsoft 365 environments. The Cybersecurity and Infrastructure Security Agency (CISA)’s Cloud Forensics team has released a PowerShell-based tool, dubbed Sparrow, that can that helps administrators to detect anomalies and potentially malicious activities in Azure/Microsoft 365 environments. The tool was developed to […]
Pierluigi Paganini
December 28, 2020
Experts warn of a multi-platform credit card skimmer that can target online stores running on Shopify, BigCommerce, Zencart, and Woocommerce. Security experts have discovered a multi-platform credit card skimmer that can allow threat actors to harvest payment info on compromised stores powered by Shopify, BigCommerce, Zencart, and Woocommerce. Researchers from security firm Sansec discovered that the new […]
Pierluigi Paganini
December 27, 2020
White hat hacker could be a profitable profession, Cosmin Iordache earned more than $2M reporting flaws through the bug bounty program HackerOne. Iordache is the first bug bounty hunter to earn more than $2,000,000 in bounty awards through the vulnerability coordination and bug bounty program HackerOne. HackerOne announced that the bug bounty hunter Cosmin Iordache (@inhibitor181) […]
Pierluigi Paganini
December 26, 2020
GoDaddy made the headlines for an initiative that is dividing cybersecurity community, it sent phishing messages offering bonuses to its employees. GoDaddy sent an email to its employee that promised a Christmas bonus to help them to face economic problems caused by the ongoing COVID-19 pandemic. The web provider apologized Thursday for the cyber security test […]
Pierluigi Paganini
December 26, 2020
Emotet is back on Christmas Eve, cybercrime operators are sending out spam messages to deliver the infamous Trickbot Trojan. Emotet is back on Christmas Eve, after two months of silence, cybercrime operators are sending out spam messages to deliver the infamous Trickbot Trojan. The recent Emotet campaign uses updated payloads and is targeting over 100,000 […]
Pierluigi Paganini
December 25, 2020
Russian cryptocurrency exchange Livecoin was compromised on Christmas Eve, hackers breached its network and gained control of some of its servers. The Russian cryptocurrency exchange was hacked on Christmas Eve, it published a message on its website warning customers to stop using its services. “Dear clients, we ask you to stop using our service in […]
