Pierluigi Paganini
May 07, 2020
Attackers exploited two security issues in the Elementor Pro and Ultimate Addons for Elementor WordPress plugins to fully compromise over 1M sites. Hackers are actively exploiting two security flaws in the Elementor Pro and Ultimate Addons for Elementor WordPress plugins to fully compromise unpatched WordPress installs. Security experts from Wordfence have observed a hacking campaign targeting the […]
Pierluigi Paganini
May 07, 2020
Samsung addressed this month a critical 0-click vulnerability that was discovered by security researchers from Google. Samsung released this week a security patch that addresses a critical vulnerability, tracked as CVE-2020-8899, impacting all smartphones sold since 2014. The flaw is tracked as SVE-2020-16747 in the Samsung security bulletin. “A possible memory overwrite vulnerability in Quram […]
Pierluigi Paganini
May 06, 2020
Europol arrested five members of the Infinity Black hacker group that were selling stolen user credentials and hacking tools. Europol announced another success in the fight against cybercrime, today it has arrested five Polish hackers who were members of the Infinity Black hacking group. The joint operation coordinated by the Europol, saw the participation of […]
Pierluigi Paganini
May 05, 2020
Level up Your Security Program With the Same Security Intelligence Used by the World’s Largest Governments and Many of the Fortune 1000 Recorded Future, the largest global security intelligence provider, today released a free browser extension that helps prioritize SIEM alerts and vulnerability patching, in addition to providing enhanced malware analysis. With this release, Recorded […]
Pierluigi Paganini
May 05, 2020
A proof-of-concept (PoC) exploit for the recently fixed CVE-2020-1967 denial-of-service (DoS) issue in OpenSSL has been made public. Recently, the OpenSSL Project released a security update for OpenSSL that patches a high-severity vulnerability, tracked as CVE-2020-1967, that can be exploited by attackers to launch denial-of-service (DoS) attacks. The CVE-2020-1967 vulnerability has been described as a […]
Pierluigi Paganini
May 05, 2020
Security researchers spotted a new piece of DDoS bot dubbed Kaiji that is targeting IoT devices via SSH brute-force attacks. Last week, the popular security researcher MalwareMustDie and the experts at Intezer Labs spotted a new piece of malware dubbed Kaiji, that is targeting IoT devices via SSH brute-force attacks. The malicious code was designed to target […]
Pierluigi Paganini
May 04, 2020
Microsoft warns of threat actors targeting organizations with malware-laced ISO and IMG files aimed at delivering a remote access trojan. Microsoft advanced machine learning threat detection models detected multiple malspam campaigns distributing malware-laced ISO. Last week experts from Microsoft detected a COVID-19-themed spam campaign, the messages are crafted to trick users into downloading and mounting […]
Pierluigi Paganini
May 04, 2020
The UK’s National Cyber Security Centre (NCSC) is warning of cyber attacks against UK universities and scientific institutes involved in COVID-19 research. The UK’s National Cyber Security Centre (NCSC) warned of targeted attacks against UK universities and scientific facilities that are involved in the COVID-19 research. The NCSC reported that nation-state actors are carrying out cyber […]
Pierluigi Paganini
May 04, 2020
The US DHS CISA agency issued a new alert that includes recommendations on how organizations should properly secure Microsoft Office 365 installs. The current COVID-19 pandemic is pushing organizations to adopt a growing number of cloud-based services, for this reason, the DHS CISA published a new alert that provides recommendations to secure Office 365 deployments. […]
Pierluigi Paganini
May 04, 2020
Hackers are conducting a mass-scanning the Internet for vulnerable Salt installs that could allow them to hack the organizations, the last victim is the Ghost blogging platform. Experts warn of hacking campaign that is targeting organization using the Salt platform for the management of their infrastructure, the last victim is the Ghost blogging platform. The attackers […]
Malware / September 05, 2025
