Pierluigi Paganini
September 19, 2019
A critical security flaw in Harbor cloud native registry for container images could be exploited to obtain admin privileges on a vulnerable hosting system. Palo Alto Networks’ Unit 42 researcher Aviv Sasson discovered a critical vulnerability in Harbor cloud native registry for container images. The flaw, tracked as CVE-2019-16097, could be exploited to take control […]
Pierluigi Paganini
September 18, 2019
Researchers at Greenbone Networks vulnerability analysis and management company discovered 400 Million medical radiological images exposed online via unsecured PACS servers. The experts at Greenbone Networks vulnerability analysis and management company discovered 600 unprotected servers exposed online that contained medical radiological images. The research was conducted between mid-July 2019 and early September 2019. The unprotected […]
Pierluigi Paganini
September 18, 2019
Experts at Cisco Talos group discovered a vulnerability in the AMD ATI Radeon ATIDXX64.DLL driver that could lead to VM escape. Researchers at Cisco Talos group discovered a vulnerability in the AMD ATI Radeon ATIDXX64.DLL driver that be exploited by an attacker to escale the VM and execute code on the host. This flaw affects […]
Pierluigi Paganini
September 17, 2019
Australia ‘s intelligence is sure that China is behind the cyberattacks that hit its parliament and political parties, but decided to not publicly accuse it. According to the Reuters agency, Australia’s intelligence has evidence that the attacks that hit its parliament and political parties were orchestrated by China. Anyway the Australian government decided to not […]
Pierluigi Paganini
September 17, 2019
Researchers discovered many flaws in over a dozen small office/home office (SOHO) routers and network-attached storage (NAS) devices. Security experts have discovered multiple vulnerabilities in over a dozen small office/home office (SOHO) routers and network-attached storage (NAS) devices. The research is part of a project dubbed SOHOpelessly Broken 2.0 conducted Independent Security Evaluators (ISE). In […]
Pierluigi Paganini
September 17, 2019
Experts at ReversingLabs spotted a threat actor buying digital certificates by impersonating legitimate entities and then selling them on the black market. Researchers at ReversingLabs have identified a new threat actor that is buying digital certificates by impersonating company executives, and then selling them on the black market. The experts discovered that digital certificates are then […]
Pierluigi Paganini
September 16, 2019
A flaw in LastPass password manager leaks credentials from previous site An expert discovered a flaw in the LastPass password manager that exposes login credentials entered on a site previously visited by a user. Tavis Ormandy, the popular white-hat hacker at Google Project Zero, has discovered a vulnerability in the LastPass password manager that exposes […]
Pierluigi Paganini
September 16, 2019
Cofense experts uncovered a new variant of the Astaroth Trojan that uses Facebook and YouTube in the infection process. Researchers at Cofense have uncovered a phishing campaign targeting Brazilian citizens with the Astaroth Trojan that uses Facebook and YouTube in the infection process. The attach chain appears to be very complex and starts with phishing […]
Pierluigi Paganini
September 15, 2019
A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. Once again thank you! Experts found Joker Spyware in 24 […]
Pierluigi Paganini
September 15, 2019
Facebook addressed a vulnerability in Instagram that could have allowed attackers to access private user information. The security researcher @ZHacker13 discovered a flaw in Instagram that allowed an attacker to access account information, including user phone number and real name. ZHacker13 discovered the vulnerability in August and reported the issue to Facebook that asked for additional […]
