Which are the worst passwords for 2018? SplashData report confirms that  123456 is the most used password for the 5th year in a row Bad habits are hard to die, 123456 is the most used password for the 5th year in a row followed by “password”. Even if security experts continue to make awareness campaign, people continue to […]
Security experts at Tencent’s Blade security team discovered the Magellan RCE flaw in SQLite database software that exposes billions of vulnerable apps. Security experts at Tencent’s Blade security team have discovered a critical vulnerability in SQLite database software that exposes billions of vulnerable apps to hackers. The vulnerability tracked as ‘Magellan‘ could allow remote attackers […]
This week, the WordPress development team released on Thursday the version 5.0.1 of the popular CMS, that addresses several flaws. The Researcher Tim Coen discovered several cross-site scripting (XSS) vulnerabilities in the CMS. One of the flaws is caused by the ability of contributors to edit new comments from users with higher privileges. Coen also discovered that it […]
Security experts at Palo Alto Networks uncovered a new espionage campaign carried out by Russia-Linked APT group Sofacy. Russian Cyber espionage group Sofacy (aka APT28, Pawn Storm, Fancy Bear, Sednit, Tsar Team, and Strontium)) carried out a new cyber campaign aimed at government agencies in four continents in an attempt to infect them with malware. The campaign has been focusing on Ukraine and NATO […]
The French foreign ministry announced today that its travel alert registry website had been hacked and personal data of citizens “could be misused”. The French foreign ministry confirmed tha hackers breached into the Ariane system, its travel alert registry website, and personal data of citizens “could be misused”. The Ariane system provides security alerts to registered […]
McAfee uncovered a campaign tracked as Operation Sharpshooter that hit at least 87 organizations in global defense and critical infrastructure. Security experts at McAfee uncovered a hacking campaign, tracked as Operation Sharpshooter, aimed at infrastructure companies worldwide. The threat actors are using malware associated with Lazarus APT group that carried out Sony Pictures attack back in […]
A new variant of the Shamoon malware, aka DistTrack, was uploaded to VirusTotal from Italy this week, but experts havenât linked it to a specific attack yet. Shamoon was first observed in 2012 when it infected and wiped more than 30,000 systems at Saudi Aramco and other oil companies in the Middle East. Four years later, a […]
Some of the servers of the Italian oil and gas services company Saipem were hit by a cyber attack early this week.  Saipem has customers in more than 60 countries, including Saudi Arabian oil and gas giant Saudi Aramco. It could be considered a strategic target for a broad range of threat actors. The attack has […]
Experts from Kaspersky Lab reported that that the recently patched Windows kernel zero-day vulnerability (CVE-2018-8611) has been exploited by several threat actors. Microsoftâs Patch Tuesday updates for December 2018 address nearly 40 flaws, including a zero-day vulnerability affecting the Windows kernel. The flaw, tracked as CVE-2018-8611, is as a privilege escalation flaw caused by the failure of […]
Security experts at Trend Micro have discovered a new exploit kit, dubbed Novidade (ânoveltyâ in Portuguese), that is targeting SOHO routers to compromise the devices connected to the network equipment. The Novidade exploit kit leverages cross-site request forgery (CSRF) to change the Domain Name System (DNS) settings of SOHO routers and redirect traffic from the connected […]