Pierluigi Paganini
June 01, 2018
The website of the events ticketing company Ticketfly was shut down after a hacker who calls himself âIsHaKdZâ compromised it. The hacker defaced the Ticketfly website with a picture of Guy Fawkes and a warning that read âYour Security Down im Not Sorry.â The attacker also published a yandex.com email account along with the following message: […]
Pierluigi Paganini
June 01, 2018
A North Korea-linked APT group, tracked as Andariel Group, leveraged an ActiveX zero-day vulnerability in targeted attacks against South Korean entities. According to a report published by South Korean cyber-security firm AhnLab, the Andariel Group is a division of the dreaded Lazarus APT Group, it already exploited ActiveX vulnerabilities in past attacks The attackers exploited at […]
Pierluigi Paganini
May 31, 2018
The SpamCannibal blacklist service was hijacked since Wednesday morning, attackers changed the DNS name server settings for the website overnight. The SpamCannibal was born to blacklist IP address of malicious servers involved in spam campaigns and DoS attacks. SpamCannibal was using a continually updated database containing the IP addresses of spam or DoS servers and blocks their […]
Pierluigi Paganini
May 31, 2018
Dmitri Kaslov, a security researcher at Telspace Systems, discovered a vulnerability in the JScript component of the Windows operating system that can be exploited by an attacker to execute malicious code on a target computer. Kaslov disclosed the zero-day flaw through the Trend Micro Zero-Day Initiative (ZDI) back in January, then ZDI experts reported it […]
Pierluigi Paganini
May 30, 2018
The Git community disclosed a dangerous vulnerability in Git, tracked as CVE-2018-11235, that can lead to arbitrary code execution when a user operates in a malicious repository. The Git developer team and other firms offering Git repository hosting services have issued security updates to address a remote code execution vulnerability, tracked as CVE-2018-11235 in the Git […]
Pierluigi Paganini
May 30, 2018
On Monday, Two Canadaâs five largest banks, the Bank of Montreal (BMO) and Simplii Financial, informed their customers they are investigating a data breach. The security breach suffered by the Bank of Montreal (BMO) may have impacted less than 50,000 of the overall 8 million customers, the incident suffered by Simplii Financial may have exposed information of 40,000 clients. […]
Pierluigi Paganini
May 29, 2018
A vulnerability tracked as CVE-2018-11518 could be exploited by attackers to power a phreaking attack on HCL legacy Interactive Voice Response systems that do not use VoIP. These IVR systems rely on various frequencies of audio signals; based on the frequency, certain commands and functions are processed. Since these frequencies are accepted within a phone call, an attacker can […]
Pierluigi Paganini
May 29, 2018
Security experts from the 360 Core Security Team have found and successfully exploited a buffer out-of-bounds write vulnerability in EOS node when parsing a WASM file. Vulnerability Description We found and successfully exploit a buffer out-of-bounds write vulnerability in EOS when parsing a WASM file. To use this vulnerability, attacker could upload a malicious smart […]
Pierluigi Paganini
May 29, 2018
Hacker stole $1.3 million from cryptocurrency startup Taylor, the development team will stop the launch of its trading app that was initially planned for this month. The author of the Taylor cryptocurrency trading app announced a security breach, an unknown hacker has stolen around $1.35 million worth of Ether from the wallets of the company. The […]
Pierluigi Paganini
May 29, 2018
Group-IB has released a new report on Cobalt groupâs attacks against banks and financial sector organizations worldwide after the arrest of its leader. Threat intelligence firm Group-IB published an interesting report titiled “Cobalt: Evolution and Joint Operations” on the joint operations of Cobalt and Anunak (Carbanak) groups after the arrest of the leader in March 2018. Researchers reported that […]
