Pierluigi Paganini
October 09, 2019
vBulletin has recently published a new security patch update that addresses three high-severity vulnerabilities in the popular forum software. vBulletin has recently published a new security patch update that addresses three high-severity flaws in vBulletin 5.5.4 and prior versions. The vulnerabilities could be exploited by remote attackers to take complete control over targeted web servers […]
Pierluigi Paganini
October 09, 2019
Hackers have compromised the infrastructure of Volusion and are distributing malicious software skimmers to steal payment card data provided by users. Volusion is a privately-held technology company that provides ecommerce software and marketing and web design services for small and medium sized businesses. The company has over 250 employees and has served more than 180,000 customers since its founding in 1999. […]
Pierluigi Paganini
October 09, 2019
Security researchers discovered a code-execution vulnerability that affects versions through 9.0.4 of the Ghidra software reverse engineering (SRE) framework. GHIDRA is a multi-platform reverse engineering framework that runs on major OSs (Windows, macOS, and Linux). The framework was first mentioned in the CIA Vault 7 dump that was leaked in 2017. WikiLeaks obtained thousands of files allegedly originating from […]
Pierluigi Paganini
October 08, 2019
Researchers from MalwareBytes and HYAS Threat Intelligence linked one of the hacking groups under the Magecart umbrella to the notorious Cobalt cybercrime Group. Hacker groups under the Magecart umbrella continue to target organizations worldwide to steal payment card data with so-called software skimmers. Security firms have monitored the activities of a dozen groups at least since 2010. According to […]
Pierluigi Paganini
October 08, 2019
One of the victims of the Muhstik ransomware gang who initially paid the ransomware, decided to hack back the crooks and released their decryption keys. Tobias Frömel, is a German software developer, who was a victim of the Muhstik ransomware. Frömel initially paid the ransom to decrypt his files, but later decided to get his […]
Pierluigi Paganini
October 08, 2019
Patches for Internet Explorer Zero-Day Causing Problems for Many Users Microsoft released a new set of patches for a zero-day flaw in Internet Explorer recently fixed due to problems reported by users with the previous patch. On September 23, Microsoft released an out-of-band patch to address a zero-day memory corruption flaw in Internet Explorer (CVE-2019-1367) that […]
Pierluigi Paganini
October 08, 2019
Researchers from Akamai uncovered a new campaign targeting the Drupalgeddon2 vulnerability to deliver malware. The popular security expert Larry W. Cashdollar from Akamai has uncovered a new campaign targeting the popular Drupalgeddon2 vulnerability (CVE-2018-7600) to deliver malware. Drupalgeddon2 is a “highly critical” vulnerability that affects Drupal 7 and 8 core, it could be exploited by an attacker […]
Pierluigi Paganini
October 07, 2019
Researchers at Fortinet’s FortiGuard Labs have publicly disclosed a critical remote code execution vulnerability affecting some models of D-Link routers. Security experts at Fortinet’s FortiGuard Labs disclosed a remote code execution vulnerability tracked as CVE-2019-16920. The vulnerability is an unauthenticated command injection issue that was discovered on September 2019. The flaw has received a CVSS v31 base […]
Pierluigi Paganini
October 07, 2019
The United States and Baltic announced cooperation to protect the Baltic energy grid from cyber attacks as they disconnect from the Russian electricity grid. The US and Baltic agreed to cooperate to protect the Baltic energy grid from cyber attacks as they disconnect from the Russian electricity grid. US Energy Secretary Rick Perry and counterparts […]
Pierluigi Paganini
October 07, 2019
The popular data breach notification service Have I Been Pwned? (HIBP) has added the stolen data from the StreetEasy and Sephora data incidents. Have I Been Pwned? (HIBP), the popular service that allows users to check whether their personal data has been compromised by data breaches has added the stolen data from the StreetEasy and Sephora data […]
