Pierluigi Paganini
November 27, 2019
A group under the Magecart umbrella adopted a new tactic that leverages on MiTM and phishing attacks to target sites using external payment processors. Security experts at RiskIQ continue to monitor activities of several Magecart groups, recently they spotted a new crew, tracked as Full(z) House, that leverages phishing and web skimming for its attacks. The Full(z) […]
Pierluigi Paganini
November 26, 2019
Kaspersky has fixed several flaws affecting the web protection features implemented in some of its security products Kaspersky has addressed several vulnerabilities in the web protection features implemented in its antivirus solutions, including Internet Security, Total Security, Free Anti-Virus, Security Cloud, and Small Office Security products. The vulnerabilities were found by the security researcher Wladimir […]
Pierluigi Paganini
November 26, 2019
Aircraft warning lights, an essential component of the aviation infrastructure, but they pose a serious risk if controlled by hackers. The independent researcher Amitay Dan discovered that control panels for aircraft warning lights were exposed to the Internet, potentially allowing attackers to control them with unpredictable and catastrophic consequences. Aircraft warning lights are important components of […]
Pierluigi Paganini
November 26, 2019
Researchers at SEC Consult Vulnerability Lab discovered multiple issues in several security products from Fortinet, including hardcoded key and encryption for communications. Security researchers from SEC Consult Vulnerability Lab discovered that multiple Fortinet products use a weak encryption cipher (“XOR” with a static key) and cryptographic keys to communicate with the FortiGuard Web Filter, AntiSpam […]
Pierluigi Paganini
November 25, 2019
Over the summer, the Apache Solr team addressed a remote code execution flaw, not a working exploit code was published online. The bug addressed by the Apache Solr team fixed over the summer is more dangerous than initially thought. Apache Solr is a highly reliable, scalable and fault-tolerant, open-source search engine written in Java. Solr […]
Pierluigi Paganini
November 25, 2019
Crooks behind the Raccoon Stealer have adopted a simple and effective technique to circumvent popular anti-spam messaging gateways. Cybercriminals behind the Raccoon Stealer have adopted a simple and effective technique to circumvent Microsoft and Symantec anti-spam messaging gateways. The Raccoon stealer was first spotted in April, it was designed to steal victims’ credit card data, […]
Pierluigi Paganini
November 24, 2019
A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Experts found undocumented access feature in Siemens SIMATIC PLCs Tianfu Cup 2019 Day 1 – Chinese experts hacked Chrome, Edge, Safari, Office365 Crooks use carding bots to check stolen card data ahead of the holiday season Experts report […]
Pierluigi Paganini
November 23, 2019
Kaspersky researchers found dozens of flaws in four popular open-source virtual network computing (VNC) systems. Experts from Kaspersky analyzed several different implementations of a remote access system called Virtual Network Computing (VNC) and identified a number of memory corruption vulnerabilities. Some of the vulnerabilities found by the experts could lead to remote code execution. The […]
Pierluigi Paganini
November 22, 2019
The Payment solutions giant Edenred disclosed a malware incident that affected some of its computing systems, it immediately started an investigation. The Payment solutions giant Edenred announced that some of its computing systems have been infected with malware, the company is currently investigating the incident. Edenred is a French company specialized in prepaid corporate services. […]
Pierluigi Paganini
November 21, 2019
Google announced that it will increase bug bounty rewards for Android, it will pay up to $1.5 million for bugs that allow to hack new Titan M security chip. At the end of 2018, Google announced its Titan M dedicated security chip that is currently installed on Google Pixel 3 and Pixel 4 devices. The […]
