Pierluigi Paganini
October 12, 2019
FireEye Mandiant discovered that the FIN7 hacking group added new tools to its cyber arsenal, including a module to target remote administration software of ATM vendor. Security experts at FireEye Mandiant discovered that the FIN7 hacking group has added new tools to its arsenal, including a new loader and a module that hooks into the legitimate […]
Pierluigi Paganini
October 12, 2019
Security researchers at Adaptive Mobile who discovered the SimJacker issue have published the list of countries where mobile operators use flawed SIM cards. Exactly one month ago, researchers at AdaptiveMobile Security disclosed a critical vulnerability in SIM cards dubbed SimJacker that could be exploited by remote attackers to compromise targeted mobile phones and spy on victims just […]
Pierluigi Paganini
October 11, 2019
SafeBreach experts discovered that the HP Touchpoint Analytics service is affected by a potentially serious vulnerability. Security researchers at SafeBreach have discovered that the HP Touchpoint Analytics service is affected by a serious flaw tracked as CVE-2019-6333. The vulnerability received a CVSS score of 6.7 (medium severity). The TouchPoint Analytics is a service that allows the vendor to […]
Pierluigi Paganini
October 11, 2019
Popular prostitution and escort forums in Italy and the Netherlands have been hacked and data have been offered for sale in the cybercrime underground. A Bulgarian hacker known as InstaKilla has breached two online escort forums and stole the user information that he is now offering for sale on a hacking forum. The two escort […]
Pierluigi Paganini
October 11, 2019
A vulnerability in Sophos Cyberoam firewalls could be exploited by an attacker to gain access to a target’s internal network without authentication. Sophos addressed a vulnerability in its Cyberoam firewalls that could be exploited by an attacker to gain access to a company’s internal network without providing a password. “A critical shell injection vulnerability in Sophos […]
Pierluigi Paganini
October 10, 2019
New espionage malware found targeting Russian-speaking users in Eastern Europe ESET found an advanced malware piece of malware named Attor, targeting diplomats and high-profile Russian-speaking users in Eastern Europe. ESET researchers discovered an advanced malware piece of malware named Attor, that was used in cyberespionage operations on diplomats and high-profile Russian-speaking users in Eastern Europe. […]
Pierluigi Paganini
October 10, 2019
NSO Group ‘s surveillance spyware made the headlines again, this time the malware was used to spy on 2 rights activists in Morocco according Amnesty International. Amnesty International collected evidence of new abuses of the NSO Group ‘s surveillance spyware, this time the malware was used to spy two rights activists in Morocco. Experts at […]
Pierluigi Paganini
October 10, 2019
Security experts discovered a critical remote code execution vulnerability, tracked as CVE-2019-9535, in the GPL-licensed iTerm2 macOS terminal emulator app. Security experts at cybersecurity firm Radically Open Security (ROS) discovered a 7-year old critical remote code execution vulnerability in the GPL-licensed iTerm2 macOS terminal emulator app. The iTerm2 macOS terminal emulator app is one of the most […]
Pierluigi Paganini
October 09, 2019
NSA is warning of multiple state-sponsored cyberespionage groups exploiting enterprise VPN Flaws Last week, the UK’s National Cyber Security Centre (NCSC) reported that advanced persistent threat (APT) groups have been exploiting recently disclosed VPN vulnerabilities in enterprise VPN products in attacks in the wild. Threat actors leverage VPN vulnerabilities in Fortinet, Palo Alto Networks and Pulse Secure, to […]
Pierluigi Paganini
October 09, 2019
vBulletin has recently published a new security patch update that addresses three high-severity vulnerabilities in the popular forum software. vBulletin has recently published a new security patch update that addresses three high-severity flaws in vBulletin 5.5.4 and prior versions. The vulnerabilities could be exploited by remote attackers to take complete control over targeted web servers […]
