Pierluigi Paganini
January 30, 2020
Over 200K WordPress sites are exposed to attacks due to a high severity cross-site request forgery (CSRF) bug in Code Snippets plugin. A high severity cross-site request forgery (CSRF) bug, tracked as CVE-2020-8417, in Code Snippets plugin could be exploited by attackers to take over WordPress sites running vulnerable versions of the Code Snippets plugin. The […]
Pierluigi Paganini
January 30, 2020
The popular US government contractor Electronic Warfare Associates (EWA) has suffered a ransomware attack, the news was reported by ZDNet. Last week, the US government contractor Electronic Warfare Associates (EWA) has suffered a ransomware attack that also infected its web servers. Electronic Warfare Associates provides electronic equipment to the US government, the list of customers […]
Pierluigi Paganini
January 30, 2020
A leaked confidential report from the United Nations revealed that dozens of servers belonging to United Nations were “compromised” at offices in Geneva and Vienna. An internal confidential report from the United Nations that was leaked to The New Humanitarian revealed that dozens of servers of the organization were “compromised” at offices in Geneva and […]
Pierluigi Paganini
January 29, 2020
New revelations on the Wawa card data breach suggests that the incident might have exposed 30 million customers’ data that are now available online for sale. In December 2019, Wawa convenience store chain disclosed a payment card breach, its security team discovered a PoS malware on its payment processing systems. Wawa operates more than 860 convenience retail stores, this […]
Pierluigi Paganini
January 29, 2020
Security researchers have spotted a vulnerability, tracked as CVE-2020-7247, that affects a core email-related library used by many BSD and Linux distributions. Security experts from Qualys have discovered a flaw, tracked as CVE-2020-7247, in OpenSMTPD. OpenSMTPD is an open-source implementation of the server-side SMTP protocol as defined by RFC 5321, it includes also some additional […]
Pierluigi Paganini
January 29, 2020
Researchers investigate a new perceptual challenge that causes the ADAS systems and autopilots of semi/fully autonomous to consider depthless objects (phantoms) as real. Abstract The absence of deployed vehicular communication systems, which prevents the advanced driving assistance systems (ADASs) and autopilots of semi/fully autonomous cars to validate their virtual perception regarding the physical environment surrounding […]
Pierluigi Paganini
January 29, 2020
Magento has released version 2.3.4 to address multiple vulnerabilities, some of them are critical code execution issues. Magento version 2.3.4 has addressed several vulnerabilities in its e-commerce platform, come of them are critical code execution issues. The vulnerabilities affect Magento Commerce (2.3.3/2.2.10 and below), Open Source (2.3.3/2.2.10 and below), Enterprise Edition (1.14.4.3 and earlier), and […]
Pierluigi Paganini
January 29, 2020
A vulnerability in the Zoom online meeting system could be exploited to join meetings and view all content shared by participants. The popular video conferencing Zoom is affected by a vulnerability that could be exploited to join meetings and view all content shared by participants. The issue allowed anyone to remotely eavesdrop on unprotected active […]
Pierluigi Paganini
January 28, 2020
Marco Ramilli published the Cyber Threat Trends Dashboard, a useful tool that will allow us to better understand most active threats in real time. Introduction Information sharing is one of the most important activity that cybersecurity researchers do on daily basis. Thanks to “infosharing” activities it is possible to block or, in specific cases, to […]
Pierluigi Paganini
January 28, 2020
The vendor Fortinet has finally released security patches to remove the hardcoded SSH keys in Fortinet SIEM appliances. Fortinet has finally released security updates to remove the hardcoded SSH keys in Fortinet SIEM appliances. Recently Andrew Klaus, a security specialist from Cybera, discovered a hardcoded SSH public key in Fortinet’s Security Information and Event Management FortiSIEM that […]
