Pierluigi Paganini
May 12, 2019
The paradox, the USB stick eyeDisk that uses iris recognition to unlock the drive could reveal the deviceās password in plain text in a simple way. eyeDisk is a USB stick that uses iris recognition to unlock the drive, it is advertised as the “Unhackable USB Flash Drive,” instead it could reveal the deviceās password […]
Pierluigi Paganini
May 12, 2019
The Turkish Personal Data Protection Authority fined Facebook $270,000 for the Photo API bug that exposed personal photos of 300,000 Turkish users. The Turkish Personal Data Protection Authority (KVKK) has fined Facebook 1.65 million Turkish lira ($270,000) for the Photo API bug that exposed personal photos of 300,000 Turkish users. In December, Facebook announced that […]
Pierluigi Paganini
May 11, 2019
Researchers at Cisco Talos discovered anĀ use-after-free() vulnerability in SQLite that could be exploited by an attacker to remotely execute code on an affected device. Cisco Talos experts discovered anĀ use-after-free() flaw in SQLite that could be exploited by an attacker to remotely execute code on an affected device. An attacker can trigger the flaw by sending […]
Pierluigi Paganini
May 11, 2019
Security researcher Gjoko Krstic from Applied Risk discovered over 100 vulnerabilities that expose buildings to cyber attacks. Security researcher Gjoko Krstic from Applied Risk discovered over 100 vulnerabilities in management and access control systems from four major vendors. An attacker can exploit the vulnerabilities to gain full control of the vulnerable products and access to […]
Pierluigi Paganini
May 11, 2019
The U.S. Department of Justice charged nine individuals connected to a hacking crew focused on identity theft and SIM swapping attacks. The U.S. DoJ announcedĀ charges against nine individuals, 6 members of a hacking group known as ‘The Community’ and 3 former employees of mobile phone providers. The latter group helped the hackers to steal roughly […]
Pierluigi Paganini
May 11, 2019
According to researchers at AT&T Alien Labs, threat actors are attempting to exploit the CVE-2019-0604 Microsoft Sharepoint vulnerability in attacks in the wild. AlienLabs has seen a number of reports related to the active exploitation of the CVE-2019-0604 vulnerability in Microsoft Sharepoint. The CVE-2019-0604 vulnerability is a remote code execution flaw that is caused by […]
Pierluigi Paganini
May 10, 2019
Security researchers at the Imaginary team discovered a Heap Buffer Overflow Vulnerability in Kaspersky Antivirus Engine and responsibly reported it. Security experts at the Imaginary team discovered a Heap Buffer Overflow vulnerability in Kaspersky Antivirus Engine. The flaw tracked as CVE-2019-8285 affects Kaspersky Lab Antivirus Engine version before 04.apr.2019 and potentially allows arbitrary code execution. […]
Pierluigi Paganini
May 10, 2019
A Russian hacking group Fxmsp is offering for sale the access to the networks of at least three antivirus companies in the US and source code of their software. Fxmsp is a high-profile Russian- and English-speaking hacking group focused on breaching high-profile private corporate and government information. The group is offering the accesses to the […]
Pierluigi Paganini
May 10, 2019
US DoJ indicted a member of sophisticated China-based hacking group for series of computer intrusions. The group is also responsible for the 2015 Health Insurer Anthem data breach. The US Department of Justice indicted Fujie Wang (32), a member of sophisticated Chinese hacking group that breached at several US companies, including the health insurer Anthem […]
Pierluigi Paganini
May 09, 2019
Since December 2015, Alpine Linux Docker images have been shipped with hardcoded credentials, a NULL password for the root user. Security researchers from Cisco revealed that Alpine Linux Docker images distributed via the official Docker Hub portal since December 2015 have been using a NULL password for the root account, The NULL password for the root […]
