Pierluigi Paganini
June 02, 2018
Experts from security firms GreyNoise Intelligence and JASK believe that the threat actor behind the VPNFilter is now attempting to resume the botnet with a new wave of infections. A week ago security experts and law enforcement bodies reported the existence of a huge Russia-linked botnet tracked as VPNFilter. The botnet infected over 500,000 routers and […]
Pierluigi Paganini
June 01, 2018
Cybercriminals continue to improve the infamous Mirai botnet by adding new exploits and functionalities, experts warn new dangerous variant will appear in the wild. According to Netscout’s Arbor Security Engineering and Response Team (ASERT), cybercriminals continue to improve the dreaded Mirai IoT botnet by adding new exploits and functionalities. The time to market of new Mirai botnet […]
Pierluigi Paganini
June 01, 2018
The website of the events ticketing company Ticketfly was shut down after a hacker who calls himself “IsHaKdZ” compromised it. The hacker defaced the Ticketfly website with a picture of Guy Fawkes and a warning that read “Your Security Down im Not Sorry.” The attacker also published a yandex.com email account along with the following message: […]
Pierluigi Paganini
June 01, 2018
A North Korea-linked APT group, tracked as Andariel Group, leveraged an ActiveX zero-day vulnerability in targeted attacks against South Korean entities. According to a report published by South Korean cyber-security firm AhnLab, the Andariel Group is a division of the dreaded Lazarus APT Group, it already exploited ActiveX vulnerabilities in past attacks The attackers exploited at […]
Pierluigi Paganini
May 31, 2018
The SpamCannibal blacklist service was hijacked since Wednesday morning, attackers changed the DNS name server settings for the website overnight. The SpamCannibal was born to blacklist IP address of malicious servers involved in spam campaigns and DoS attacks. SpamCannibal was using a continually updated database containing the IP addresses of spam or DoS servers and blocks their […]
Pierluigi Paganini
May 31, 2018
Dmitri Kaslov, a security researcher at Telspace Systems, discovered a vulnerability in the JScript component of the Windows operating system that can be exploited by an attacker to execute malicious code on a target computer. Kaslov disclosed the zero-day flaw through the Trend Micro Zero-Day Initiative (ZDI) back in January, then ZDI experts reported it […]
Pierluigi Paganini
May 30, 2018
The Git community disclosed a dangerous vulnerability in Git, tracked as CVE-2018-11235, that can lead to arbitrary code execution when a user operates in a malicious repository. The Git developer team and other firms offering Git repository hosting services have issued security updates to address a remote code execution vulnerability, tracked as CVE-2018-11235 in the Git […]
Pierluigi Paganini
May 30, 2018
On Monday, Two Canada’s five largest banks, the Bank of Montreal (BMO) and Simplii Financial, informed their customers they are investigating a data breach. The security breach suffered by the Bank of Montreal (BMO) may have impacted less than 50,000 of the overall 8 million customers, the incident suffered by Simplii Financial may have exposed information of 40,000 clients. […]
Pierluigi Paganini
May 29, 2018
A vulnerability tracked as CVE-2018-11518 could be exploited by attackers to power a phreaking attack on HCL legacy Interactive Voice Response systems that do not use VoIP. These IVR systems rely on various frequencies of audio signals; based on the frequency, certain commands and functions are processed. Since these frequencies are accepted within a phone call, an attacker can […]
Pierluigi Paganini
May 29, 2018
Security experts from the 360 Core Security Team have found and successfully exploited a buffer out-of-bounds write vulnerability in EOS node when parsing a WASM file. Vulnerability Description We found and successfully exploit a buffer out-of-bounds write vulnerability in EOS when parsing a WASM file. To use this vulnerability, attacker could upload a malicious smart […]
