Pierluigi Paganini
May 14, 2020
US authorities warned healthcare and scientific researchers that China-linked hackers were attempting to steal COVID-19 vaccine research. US authorities warned healthcare and scientific researchers that China-linked hackers were attempting to steal research related to treatments and vaccines for COVID-19. “The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) are issuing this […]
Pierluigi Paganini
May 14, 2020
Experts found a critical bug in Google’s official WordPress plugin ‘Site Kit’ that could allow hackers to gain owner access to targeted sites’ Google Search Console. The Site Kit WordPress plugin makes it easy to set up and configure key Google products (i.e. Search Console, Analytics, Tag Manager, PageSpeed Insights, Optimize, and AdSense), giving users authoritative and […]
Pierluigi Paganini
May 13, 2020
German Chancellor Angela Merkel revealed that she is the target of an “outrageous” cyber espionage campaign carried out by Russia. German Chancellor Angela Merkel revealed that Russia-linked threat actors were targeting her in an “outrageous” cyberespionage campaign. “I can honestly say that it pains me. Every day I try to build a better relationship with […]
Pierluigi Paganini
May 13, 2020
The United States Cyber Command (USCYBERCOM) has uploaded five new North Korean malware samples to VirusTotal. The United States Cyber Command (USCYBERCOM) has shared five new malware samples attributed to the North Korea-linked Lazarus APT, it has uploaded the malicious code to VirusTotal. “On May 12, 2020, the Cybersecurity and Infrastructure Security Agency (CISA), the […]
Pierluigi Paganini
May 12, 2020
Trojan Lampion is back after 3 months. The malware was observed last days with a new obfuscation layer, new C2, and distributed inside an MSI file. Trojan Lampion is a malware observed at the end of the year 2019 impacting Portuguese users using template emails from the Portuguese Government Finance & Tax and EDP. The latest campaigns in Portugal were observed […]
Pierluigi Paganini
May 12, 2020
Two issues in the popular Page Builder by SiteOrigin WordPress plugin could be exploited to carry out code execution attacks on vulnerable websites. Two high severity vulnerabilities found in the Page Builder WordPress can be exploited by attackers to create new admin accounts and deliver malicious code taking over the compromised websites. The vulnerabilities are a Cross-Site Request […]
Pierluigi Paganini
May 12, 2020
Maintainers of the vBulletin project have released an important fix to address a security vulnerability tracked as CVE-2020-12720. Administrators of online discussion forums based on the popular vBulletin CMS urge to update their install to address a critical security vulnerability tracked as CVE-2020-12720. “A security exploit has been reported within vBulletin 5.6.1. To fix this issue, […]
Pierluigi Paganini
May 11, 2020
Researchers discovered a set of issues impacting Oracle’s iPlanet Web Server that could result in sensitive data exposure and limited injection attacks. Researchers discovered two security flaws impacting Oracle’s iPlanet Web Server, tracked as CVE-2020-9315 and CVE-2020-9314, that could cause sensitive data exposure and limited injection attacks. The flaws have been discovered by experts at Nightwatch […]
Pierluigi Paganini
May 10, 2020
Crooks exploit CVE-2019-18935 deserialization vulnerability to achieve remote code execution in Blue Mockingbird Monero-Mining campaign. Researchers at security firm Red Canary uncovered a Monero cryptocurrency-mining campaign, tracked as Blue Mockingbird, that exploits the CVE-2019-18935 vulnerability in web applications built on the ASP.NET framework. The deserialization vulnerability CVE-2019-18935 could be exploited by attackers to achieve remote […]
Pierluigi Paganini
May 10, 2020
Shiny Hunters hacking group is offering for sale on a dark web marketplace databases containing over 73.2 million user records from over 11 companies. A hacking group named Shiny Hunters is attempting to sell on a dark web hacking marketplace databases containing more than 73.2 million user records from 11 different companies. Shiny Hunters started offering […]
