Hacking

Pierluigi Paganini June 15, 2018
A new MuddyWater Campaign spreads PowerShell-based PRB-Backdoor

Trend Micro spotted a new attack relying on weaponized Word documents and PowerShell scripts that appears related to the MuddyWater APT. Security experts at Trend Micro have spotted a new attack relying on weaponized Word documents and PowerShell scripts that appears related to the MuddyWater cyber-espionage campaign. The first MuddyWater campaign was observed in late 2017, then researchers from […]

Pierluigi Paganini June 15, 2018
A new Meltdown-like flaw tracked as LazyFP affects Intel CPUs

A new vulnerability involving side channel speculative execution on Intel chips, known as LazyFP, has been announced and assigned CVE-2018-3665. A new vulnerability tracked as LazyFP (CVE-2018-3665) involving side channel speculative execution affects Intel CPUs. Like previous ones, it could be exploited by hackers to access sensitive information from the affected system. The vulnerability was discovered […]

Pierluigi Paganini June 15, 2018
SigSpoof GnuPG flaw could be exploited to spoof message signatures

GnuPG 2.2.8 released earlier this month addresses the CVE-2018-12020 vulnerability, dubbed SigSpoof, affecting GnuPG, Enigmail, GPGTools, and python-gnupg. GnuPG, also known as GPG, is a complete and free implementation of the OpenPGP standard as defined by RFC4880 (also known as PGP). GnuPG allows users to encrypt and sign data and communications. GnuPG version 2.2.8 released earlier this month addresses the CVE-2018-12020 vulnerability, dubbed SigSpoof, affecting GnuPG, […]

Pierluigi Paganini June 14, 2018
Analysis of the evolution of exploit kits in the threat landscape

Cyber criminal organizations and state-sponsored hackers continue to use exploit kits to compromise targets worldwide. Even if the use of exploit kits has decreased in recent months, some of them were improved by adding code to exploit recently discovered Flash and Internet Explorer zero-day vulnerabilities. “Since both Flash and the VBScript engine are […]

Pierluigi Paganini June 14, 2018
China-linked Emissary Panda APT group targets National Data Center in Asia

A China-linked APT group, known as LuckyMouse, Emissary Panda, APT27 and Threat Group 3390, has targeted a national data center in Central Asia. The APT group has been active since at least 2010; the crew targeted U.S. defense contractors and financial services firms worldwide. In March 2018, security experts at Kaspersky Lab observed an attack powered by the […]

Pierluigi Paganini June 13, 2018
June 12 2018 Historic Edition of Cyber Defense eMagazine Has Arrived. Over 150 pages…

June 12, 2018 – Cyber Defense eMagazine has arrived – OVER SIX THOUSAND PAGES – SIX YEARS – #1 GLOBAL SOURCE FOR CYBER DEFENSE Cyber Defense eMagazine June 2018 Edition has arrived. We hope you enjoy this month’s edition…packed with over 150 pages of excellent content. InfoSec Knowledge is Power. We have 6 years of eMagazines online […]

Pierluigi Paganini June 13, 2018
Researcher found 43 Million email addresses leaked by the Trik spam botnet

A security researcher from Vertek Corporation reported to Bleeping Computer that over 43 million email addresses have been leaked from the command and control server of a spam botnet. An expert from Vertek Corporation spotted the C&C server while investigating a recent malware campaign distributing a version of the Trik trojan. The malicious code was used as a first-stage malware […]

Pierluigi Paganini June 13, 2018
Dixons Carphone data breach, 5.9 million payment cards exposed

Retailer Dixons Carphone has disclosed a security breach that involved 5.9 million payment cards and 1.2 million personal data records. Dixons Carphone discovered an “unauthorised access” to certain data held by the company; it promptly launched an investigation and hired an external firm to shed light on the case. The company immediately reported the […]

Pierluigi Paganini June 12, 2018
North Korea-linked Lazarus APT behind recent ActiveX attacks

North Korea-linked Lazarus APT group planted an ActiveX zero-day exploit on the website of a South Korean think tank focused on national security. According to researchers at AlienVault, North Korea-linked hackers planted an ActiveX zero-day vulnerability on the website of a South Korean think tank focused on national security. The experts attributed the attack to the notorious Lazarus APT group […]

Pierluigi Paganini June 12, 2018
VMware addresses a critical remote code execution vulnerability in AirWatch Agent

VMware has found a critical remote code execution vulnerability in the AirWatch Agent applications for Android and Windows Mobile. The agent is installed by users on a mobile device in order to allow AirWatch to manage it. The flaw, tracked as CVE-2018-6968, “may allow for unauthorized creation and execution of files in the Agent sandbox […]