Pierluigi Paganini
December 12, 2019
The Microsoft Threat Intelligence Center (MSTIC) warns of GALLIUM threat group targeting global telecommunication providers worldwide. The Microsoft Threat Intelligence Center (MSTIC) warns of GALLIUM threat group targeting global telecommunication providers worldwide. Microsoft experts reported that the GALLIUM hacking group exploits unpatched vulnerabilities to compromise systems running /JBoss application servers. “Microsoft Threat Intelligence Center (MSTIC) is raising […]
Pierluigi Paganini
December 12, 2019
This week, Apple addressed a flaw that can be exploited to trigger a DoS condition (AirDoS) iPhones and iPads by forcing them to continuously display a popup message. The denial-of-service (DoS) attack was discovered by The security researcher Kishan Bagaria devised a DoS attack dubbed the AirDoSÂ that works against iPhone, iPad, Mac and iPod. The […]
Pierluigi Paganini
December 12, 2019
Crooks are targeting these hundreds of sites offering counterfeit sneakers to install malicious Magecart scripts and steal payment credit card data. While sneakers are becoming even more popular, the number of sites offering counterfeit sneakers is rapidly increasing and crooks want to monetize this trend by compromising them. Researchers at Malwarebytes reported that hackers are […]
Pierluigi Paganini
December 12, 2019
For the first time, experts shed the light on the link between the TrickBot gang and the North Korea-linked APT group Lazarus. Security experts Sentinelone have published a report that for the first time sheds the light on the link between the TrickBot crimeware and the North Korea-linked APT group Lazarus. For the first time, experts shed the light on the link between […]
Pierluigi Paganini
December 11, 2019
A team of researchers devised a new attack technique, dubbed PlunderVolt, to hijack Intel SGX enclave by tweaking CPU voltage. A group of security researchers (Kit Murdock, David Oswald, Flavio D Garcia (The University of Birmingham), Jo Van Bulck, Frank Piessens (imec-DistriNet, KU Leuven), Daniel Gruss (Graz University of Technology)) demonstrated a new attack technique, dubbed PlunderVolt, to […]
Pierluigi Paganini
December 11, 2019
More than 455,000 Turkish payment card details are available for sale on a popular forum Group-IB, a Singapore-based cybersecurity company that specializes in preventing cyberattacks, has detected a massive upload of debit and credit card records mostly related to the largest Turkish banks on one of the most popular underground cardshops. More than 460,000 records […]
Pierluigi Paganini
December 11, 2019
Microsoft’s December 2019 Patch Tuesday updates fix a total of 36 flaws, including CVE-2019-1458 Windows zero-day exploited in North Korea-linked attacks Microsoft’s December 2019 Patch Tuesday updates address a total of 36 flaws, including a Windows zero-day, tracked as CVE-2019-1458 exploited in attacks linked to North Korea. The vulnerability could be exploited to execute arbitrary […]
Pierluigi Paganini
December 10, 2019
Microsoft revealed that 44 million Microsoft Azure AD and Microsoft Services accounts were vulnerable to account hijacking. Microsoft discovered that 44 million Microsoft Azure AD and Microsoft Services accounts were vulnerable to account hijacking because of using of compromised passwords. Experts from the Microsoft threat research team analyzed a database containing 3 billion leaked credentials […]
Pierluigi Paganini
December 10, 2019
Adobe released the Patch Tuesday security updates for December 2019 that address flaws in Acrobat and Reader, Photoshop CC, ColdFusion, and Brackets. Adobe Patch Tuesday security updates for December 2019 address a total of 25 flaws in Acrobat and Reader, Photoshop CC, ColdFusion, and Brackets. “Adobe has published security bulletins for Adobe Acrobat and Reader (APSB19-55), […]
Pierluigi Paganini
December 10, 2019
The popular virtual private network (VPN) service provider NordVPN announced the launch of a public bug bounty program. The virtual private network (VPN) service provider NordVPN announced the launch of a public bug bounty program. White hat hackers will receive payouts between $100 and $5,000 for each reported vulnerability. NordVPN will also pay much more […]
