Pierluigi Paganini
September 03, 2019
USBAnywhere – Tens of thousands of enterprise servers powered by Supermicro motherboards can remotely be compromised by virtually plugging in USB devices. Tens of thousands of servers worldwide powered by Supermicro motherboards are affected by a vulnerability that would allow an attacker to remotely take over them. Researchers at firmware security firm Eclypsium discovered multiple vulnerabilities […]
Pierluigi Paganini
September 03, 2019
The popular webcomic platform XKCD has suffered a data breach that exposed data of its forum users, the incident impacted 562,000 subscribers. XKCD is one of the most popular webcomic platform created by the American author Randall Munroe in 2005, it is a webcomic of romance, sarcasm, math, and language. XKCD has suffered a data […]
Pierluigi Paganini
September 03, 2019
Marco Ramilli explained MBR works and how is it possible to write a bootloader program, this skill will help you to analyze next BootLoader Malware. From time to time we might observe special Malware storing themselves into a MBR and run during the booting process. Attackers could use this neat technique to infect and to mess-up your […]
Pierluigi Paganini
September 03, 2019
Login details of more than 36 million Poshmark accounts are available for sale in the cybercrime underground. Earlier in August, Poshmark, a social commerce marketplace where people in the United States can buy and sell new or used clothing, shoes, and accessories, disclosed a data breach that took place in May 2018. The company discovered […]
Pierluigi Paganini
September 02, 2019
The United States cyber army carried out a cyberattack in June on a database used by Iran’s Islamic Revolutionary Guard Corps to plot attacks on oil tankers in the Gulf. The New York Times revealed that the US carried out a cyberattack in June on a database used by Iran’s Islamic Revolutionary Guard Corps to […]
Pierluigi Paganini
September 02, 2019
Akamai researcher Larry Cashdollar reported that a cryptocurrency miner that previously hit only Arm-powered IoT devices it now targeting Intel systems. The popular researcher Larry Cashdollar, from Akamai SIRT, announced in exclusive to The Register, that he observed a miner that previously hit only Arm-powered IoT devices targeting Intel systems. The researchers revealed that one […]
Pierluigi Paganini
September 01, 2019
Cisco released security updates for Cisco IOS XE operating system to address a critical vulnerability that could be exploited by a remote attacker to bypass authentication. Cisco released security updates for Cisco IOS XE OS to address a critical flaw, tracked as CVE-2019-12643, that could be exploited by a remote attacker to bypass authentication. “On […]
Pierluigi Paganini
September 01, 2019
A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. Once again thank you! 80 defendants charged with participating in […]
Pierluigi Paganini
September 01, 2019
Attackers are using Google Docs to deliver the TrickBot banking Trojan to unsuspecting victims via camouflaged as PDF documents. Security experts at Cofense uncovered a malspam campaign the leverages Google Docs to deliver the TrickBot banking Trojan to unsuspecting victims via executables camouflaged as PDF documents. TrickBot is a popular banking Trojan that has been around […]
Pierluigi Paganini
August 31, 2019
Researchers from WootCloud Labs have uncovered a new IoT botnet named Ares that is targeting Android-based devices. Experts from WootCloud Labs have spotted a new IoT botnet tracked as Ares that is targeting Android-based devices that have a debug port exposed online. Experts noticed that most of the devices targeted by the bot are Android […]
