Pierluigi Paganini
November 26, 2018
Nicholas Truglia, a 21-years-old man from New York, has stolen $1 million from Silicon Valley executive via SIM swap, and targeted other indivisuals. Nicholas Truglia, a 21-years-old man from New York, has been accused of stealing $1 million from Silicon Valley executive via SIM swap. He gained access to his phone number and used it impersonate […]
Pierluigi Paganini
November 25, 2018
Researchers at AppRiver uncovered a very trivial phishing campaign targeting the streaming service Spotify, anyway, it is important to share info about it. Security researchers at AppRiver uncovered a phishing campaign targeting the popular streaming service Spotify. The phishing campaign was discovered earlier November, attackers used convincing emails to trick Spotify users into providing their account credentials. The messages include a […]
Pierluigi Paganini
November 25, 2018
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! · 6,500+ sites deleted after Dark Web hosting […]
Pierluigi Paganini
November 24, 2018
According to security reearchers at Trend Micro, the North Korea-linked APT group Lazarus recently targeted banks in Latin America. The North Korea-linked APT group Lazarus recently targeted banks in Latin America, Trend Micro experts reported. The activity of the Lazarus Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks and experts […]
Pierluigi Paganini
November 23, 2018
Group-IB security experts are warning about the increasing scammers’ activity during the Black Friday and Cyber Monday Sales Group-IB, an international company that specializes in preventing cyber attacks, warns about the increasing scammers’ activity during the Black Friday and Cyber Monday Sales. Group-IB experts have discovered more than 400 website-clones of the popular marketplace AliExpress and roughly 200 fake websites […]
Pierluigi Paganini
November 23, 2018
The experts at Cybaze ZLab – Yoroi continue the analysis of new strain of malware used by the Russia-linked APT29 cyberespionage group (aka Cozy Bear) The experts at Cybaze ZLab – Yoroi continue the analysis of new strain of malware used by the Russia-linked APT29 cyberespionage group (aka The Dukes, Cozy Bear, and Cozy Duke). The researchers of Yoroi ZLab, on […]
Pierluigi Paganini
November 23, 2018
Software company OSIsoft has suffered a data breach, the firm confirmed that all domain accounts have likely been compromised. Software company OSIsoft notified security breach to employees, interns, consultants, and contractors. The company offers real-time data management solutions, its core product is the open enterprise infrastructure, the PI System, that allows connecting sensor-based data, systems, and people. The […]
Pierluigi Paganini
November 22, 2018
Dropbox team disclosed three critical zero-day vulnerabilities in Apple macOS, chaining them it is possible to take over a Mac computer. Dropbox team disclosed three critical zero-day vulnerabilities (CVE-2017-13890, CVE-2018-4176, CVE-2018-4175) affecting the Apple macOS operating system, an attacker could chain them to remotely execute arbitrary code on a targeted Mac computer. The attacker only needs to trick victims […]
Pierluigi Paganini
November 22, 2018
The authentication process via German eID cards with RFID chips is flawed, an attacker could impersonate any other citizen. The nightmare comes true, the authentication process via German eID cards with RFID chips is flawed and a flaw could allow an attacker to allow identity spoofing and changing the date of birth. The situation is […]
Pierluigi Paganini
November 22, 2018
Security experts from Netscout Asert discovered more than ten Mirai bot variants attempting to exploit a recently disclosed flaw in Hadoop YARN on Intel servers. These Mirai variants are the first one that doesn’t target Internet of Things devices, the bot was specifically developed to target Linux servers. The Hadoop YARN is vulnerability is a command injection […]
