Pierluigi Paganini
May 18, 2019
Dozens of Linksys router models are affected by a flaw that causes the leak of data that can be used by attackers …. and the company won’t fix it. Security researcher Troy Mursch, Chief Research Officer of Bad Packets, discovered that over 20,000 Linksys wireless routers are leaking full historical records of every device ever connected to them. […]
Pierluigi Paganini
May 18, 2019
Unistellar attackers have already wiped roughly 12,000 unsecured MongoDB databases exposed online over the past three. Every time hackers deleted a MongoDB database they left a message asking the administrators to contact them to restore the data. Unfortunately, the criminal practice of deleting MongoDB databases and request a ransom to restore data is common, experts […]
Pierluigi Paganini
May 17, 2019
The German newspaper Der Spiegel revealed that the software company behind TeamViewer was compromised in 2016 by Chinese hackers. China-linked hackers breached German software company behind TeamViewer in 2016, this news was reported by the German newspaper Der Spiegel According to the media outlet, Chinese state-sponsored hackers used the Winnti trojan malware to infect the systems […]
Pierluigi Paganini
May 17, 2019
A recently patched flaw in the Slack desktop application for Windows can be exploited by attackers to steal and manipulate a targeted user’s downloaded files. Slack is a cloud-based set of proprietary team collaboration tools and services, Security researcher David Wells from Tenable discovered a critical flaw in version 3.3.7 of the Slack desktop app […]
Pierluigi Paganini
May 17, 2019
Cisco had issued security updates to address 57 security flaw, including three flaws in networks management tool Prime Infrastructure. One of the flaws addressed by Cisco in the Prime Infrastructure management tool could be exploited by an unauthenticated attacker to execute arbitrary code with root privileges on PI devices. “Multiple vulnerabilities in the web-based management […]
Pierluigi Paganini
May 17, 2019
A vulnerability in the Live Chat Support plugin for WordPress could be exploited by attackers to inject malicious scripts in websites using it Researchers at Sucuri have discovered a stored/persistent cross-site scripting (XSS) vulnerability in the WP Live Chat Support plugin for WordPress. The flaw could be exploited by remote, unauthenticated attackers to inject malicious […]
Pierluigi Paganini
May 16, 2019
Titan Security Keys are affected by a severe vulnerability, for this reason, Google announced it is offering a free replacement for vulnerable devices. Google announced it is offering a free replacement for Titan Security keys affected by a serious vulnerability that could be exploited by to carry out Bluetooth attacks. The Titan Security Keys were introduced by […]
Pierluigi Paganini
May 16, 2019
Experts at Yoroi-Cybaze Z-Lab observed a spike in attacks against the banking sector and spotted a new email stealer used by the TA505 hacker group Introduction During the last month, our Threat Intelligence surveillance team spotted increasing evidence of an operation intensification against the Banking sector. In fact, many independent researchers pointed to a particular […]
Pierluigi Paganini
May 16, 2019
The Magecart gang made the headlines again, the hackers this time compromised the Forbes magazine subscription website. The Magecart group is back, the hackers this time compromised injected a skimmers script into the Forbes magazine subscription website. The malicious traffic was spotted by the security expert Troy Mursch, Chief Research Officer of Bad Packets, on Wednesday. Magecart hackers […]
Pierluigi Paganini
May 16, 2019
The BlackTech cyber-espionage group exploited the ASUS update process for WebStorage application to deliver the Plead backdoor. The cyber espionage group tracked as BlackTech compromised the ASUS update process for WebStorage application to deliver the Plead backdoor. The BlackTech group was first observed by ESET on July 2018, when it was abusing code-signing certificates stolen from D-Link for the […]
