Hacking Archives - Page 578 of 971

Pierluigi Paganini November 10, 2018

Symantec shared details of North Korean Lazarus’s FastCash Trojan used to hack banks

North Korea-linked Lazarus Group has been using FastCash Trojan to compromise AIX servers to empty tens of millions of dollars from ATMs. Security experts from Symantec have discovered a malware, tracked as FastCash Trojan, that was used by the Lazarus APT Group, in a string of attacks against ATMs. The ATP group has been using this malware […]

Pierluigi Paganini November 10, 2018

Nginx server security flaws expose more than a million of servers to DoS attacks

Nginx developers released security updates to address several denial-of-service (DoS) vulnerabilities affecting the nginx web server. nginx is an HTTP and reverse proxy server, a mail proxy server, and a generic TCP/UDP proxy server, it is used by 25.28% busiest sites in October 2018. Nginx development team released versions 1.15.6 and 1.14.1 to address two HTTP/2 implementation vulnerabilities that can […]

Pierluigi Paganini November 09, 2018

VMware releases security patches for a critical virtual machine escape flaw

VMware released security patches for a critical virtual machine (VM) escape vulnerability that was recently discovered at a Chinese hacking contest. VMware has released security patches for a critical virtual machine (VM) escape vulnerability (CVE-2018-6981 and CVE-2018-6982) that was recently discovered by the researcher Zhangyanyu at the Chinese GeekPwn2018 hacking contest. The cause for the […]

Pierluigi Paganini November 09, 2018

Snowden speaks about the role of surveillance firm NSO Group in Khashoggi murder

Snowden warns of abuse of surveillance software that also had a role in the murder of the Saudi Arabian journalist Jamal Khashoggi. The popular US whistleblower Edward Snowden has reported the abuse of surveillance made by many governments, he blamed the Israeli company NSO Group for developing and selling surveillance software to Saudi Arabia. Speaking […]

Pierluigi Paganini November 09, 2018

Guy Fawkes Day – LulzSec Italy hit numerous organizations in Italy

Guy Fawkes Day, November 5th 2018 – LulzSec Italy announced credit a string of hacks and leaks targeting numerous systems and websites across Italy. In celebration of Guy Fawkes Day, November 5th 2018, LulzSec Italy announced credit for a massive string of hacks and leaks targeting numerous systems and websites across Italy. Included in the […]

Pierluigi Paganini November 08, 2018

Experts detailed how China Telecom used BGP hijacking to redirect traffic worldwide

Security researchers revealed in a recent paper that over the past years, China Telecom used BGP hijacking to misdirect Internet traffic through China. Security researchers Chris C. Demchak and Yuval Shavitt revealed in a recent paper that over the past years, China Telecom has been misdirecting Internet traffic through China. China Telecom was a brand of the […]

Pierluigi Paganini November 08, 2018

U.S. Cyber Command CNMF Shares unclassified malware samples via VirusTotal

The U.S. Cyber Command (USCYBERCOM) CNMF is sharing malware samples with the cybersecurity industry via VirusTotal intelligence service. The U.S. Cyber Command (USCYBERCOM) is providing unclassified malware samples to VirusTotal intelligence service with the intent of sharing them with cybersecurity industry. The USCYBERCOM’s Cyber National Mission Force (CNMF) is going to share the unclassified malware samples on […]

Pierluigi Paganini November 08, 2018

XSS flaw in Evernote allows attackers to execute commands and steal files

Security expert discovered a stored XSS flaw in the Evernote app for Windows that could be exploited to steal files and execute arbitrary commands. A security expert that goes online with the moniker @sebao has discovered a stored cross-site scripting (XSS) vulnerability in the Evernote application for Windows that could be exploited by an attacker to steal files and execute […]

Pierluigi Paganini November 07, 2018

U.S. Air Force announced Hack the Air Force 3.0, the third Bug Bounty Program

The United States Air Force announced earlier this week that it has launched the third bug bounty program called Hack the Air Force 3.0. The United States Air Force launched earlier this week its third bug bounty program, called Hack the Air Force 3.0, in collaboration with HackerOne. “Thank you for your interest in participating in HackerOne’s U.S. […]

Pierluigi Paganini November 07, 2018

A flaw in WooCommerce WordPress Plugin could be exploited to take over e-stores

A critical Remote Code Execution vulnerability affects eCommerce website running on WordPress and using the WooCommerce plugin. A critical vulnerability affects eCommerce website running on WordPress and using the WooCommerce plugin. WooCommerce is one of the major eCommerce plugins for WordPress that allows operators to easily build e-stores based on the popular CMS, it accounts for more than 4 million installations with 35% […]

Hacking

Symantec shared details of North Korean Lazarus’s FastCash Trojan used to hack banks

Nginx server security flaws expose more than a million of servers to DoS attacks

VMware releases security patches for a critical virtual machine escape flaw

Snowden speaks about the role of surveillance firm NSO Group in Khashoggi murder

Guy Fawkes Day – LulzSec Italy hit numerous organizations in Italy

Experts detailed how China Telecom used BGP hijacking to redirect traffic worldwide

U.S. Cyber Command CNMF Shares unclassified malware samples via VirusTotal

XSS flaw in Evernote allows attackers to execute commands and steal files

U.S. Air Force announced Hack the Air Force 3.0, the third Bug Bounty Program

A flaw in WooCommerce WordPress Plugin could be exploited to take over e-stores

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Qilin ransomware claimed responsibility for the attack on the beer giant Asahi

DragonForce, LockBit, and Qilin, a new triad aims to dominate the ransomware landscape

DraftKings thwarts credential stuffing attack, but urges password reset and MFA

Redis patches 13-Year-Old Lua flaw enabling Remote Code Execution

U.S. CISA adds Synacor Zimbra Collaboration Suite (ZCS) flaw to its Known Exploited Vulnerabilities catalog

QUICK LINKS

Hacking

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!