Pierluigi Paganini
September 02, 2018
A security duo composed of Saleem Rashid and Ryan Castellucci demonstrated that it is possible to hack the John McAfee’s Bitfi cryptocurrency wallet. Today let’s discuss John McAfee’s cryptocurrency wallet, the Bitfi wallet, defined by the popular cyber security expert “unhackable.” Unfortunately, nothing is unhackable, and the Bitfi wallet was already hacked two times. The Bitfi wallet is an Android-powered hardware device for […]
Pierluigi Paganini
September 02, 2018
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! ·     Personal details of 37,000 Eir customers exposed […]
Pierluigi Paganini
September 02, 2018
MagentoCore skimmer already infected 7,339 Magento stores, according to the Willem de Groot who uncovered the campaign, it is the most aggressive to date. The cybersecurity researcher Willem de Groot has uncovered a massive hacking campaign aimed at Magento stores. The hackers have already infected 7,339 Magento stores with a skimmer script, dubbed MagentoCore, that siphons payment card […]
Pierluigi Paganini
September 01, 2018
Security researchers from the opatch community released a micropatch for the recently disclosed Windows zero-day vulnerability. A few days ago, the security researcher who handles the Twitter account @SandboxEscaper has disclosed the details of zero-day privilege escalation vulnerability affecting Microsoft’s Windows operating systems that could be exploited by a local attacker or malicious program to obtain system privileges […]
Pierluigi Paganini
September 01, 2018
On August 13, ASERT observed the Cobalt crime gang actively pushing a new campaign aimed at institutions in eastern Europe and Russia. Security experts from Netscout’s ASERT uncovered a new campaign carried out by the Cobalt cybercrime group. The attacks were detected on August 13, 2018, experts revealed that the hackers targeted also the NS Bank in Russia and Carpatica/Patria in […]
Pierluigi Paganini
August 31, 2018
Today I’d like to share a full path analysis including a KickBack attack which took me to gain full access to an entire Ursniff/Gozi botnet. In other words:Â from a simple “Malware Sample” to “Pwn the Attacker Infrastructure”. NB: Federal Police have already been alerted on such a topic as well as National and International […]
Pierluigi Paganini
August 31, 2018
Security experts from Kaspersky Lab have uncovered a new strain of Android malware dubbed BusyGasper that remained hidden for two years. The BusyGasper Android spyware has been active since May 2016, it implements unusual features for this type of malware. Experts explained it is a unique spy implant with stand-out features such as device sensors listeners. […]
Pierluigi Paganini
August 30, 2018
The Misfortune Cookie flaw is threatening medical equipment that connects bedside devices to the hospital’s network infrastructure. In December 2104, researchers at Check Point Software Technologies discovered the Misfortune Cookie vulnerability, a flaw that was affecting millions of devices running an embedded web server called RomPager, the vulnerability could be exploited by an attacker to run a man-in-the-middle attack on […]
Pierluigi Paganini
August 30, 2018
Air Canada data breach – The incident was confirmed by the company and may have affected 20,000 customers (1%) of its 1.7 million mobile app users. The data breach of the day is the one suffered by Air Canada that may have affected 20,000 customers (1%) of its 1.7 million mobile app users. The news […]
Pierluigi Paganini
August 29, 2018
Qualys experts discovered that OpenSSH is still vulnerable to Oracle attack, it is affected by the CVE-2018-15919 flaw at least since September 2011. Security experts from Qualys discovered that OpenSSH is still vulnerable to Oracle attack, it is affected by the CVE-2018-15919 flaw at least since September 2011. A few days ago the security expert Darek […]
