Security experts from Cisco Talos discovered several flaws in the Aerospike Database Server, a high-performance, and open source NoSQL database. Security experts from Cisco Talos have discovered several vulnerabilities in the Aerospike Database Server, a high-performance, and open source NoSQL database. It is used by several major brands for high-performance applications, including Kayak, AppNexus, Adform, adMarketplace and […]
Security experts from FireEye have spotted a new variant of the infamous Ploutus ATM malware that infected systems in Latin America. Ploutus is one of the sophisticated ATM malware that was first discovered in Mexico back in 2013. The threat allows crooks to steal cash from ATMs using either an external keyboard attached to the machine […]
The hackers that targeted MongoDB installations with ransom attacks now switch on the exposed Elasticsearch clusters with a similar tactic. A few days ago I reported the news of a string of cyber attacks against MongoDB databases. Hackers broke into unprotected MongoDB databases, stealing their content, and asking for a ransom to return the data. […]
A security issue can be used to intercept and read encrypted messages. Is this a WhatsApp backdoor? Which are potential risks? Is the popular messaging service Whatsapp affected by a backdoor? According to a blog post published by The Guardian, the application was affected by a vulnerability that could be exploited by attackers to intercept and read messages. […]
The popular hacker Kapustkiy hacked a website belonging to the Government of Venezuela in protest against the dictatorship of Nicolas Maduro. The White hat hacker Kapustkiy has hacked the Government of Venezuela and leaked data on Pastebin http://pastebin.com/ud0pewGL. Kapustkiy hacked the website www.gdc.gob.ve by exploiting a Local File Inclusion (LFI) vulnerability in: http://www.gdc.gob.ve/2.0/gui_resources/css/?f=../../../../../../../../../../etc/passwd “I have found a LFI in the […]
According to the release notes the latest version of WordPress 4.7.1 addresses eight security vulnerabilities and other 62 bugs. Wednesday the latest version of WordPress 4.7.1 was released by the WordPress Team, it is classified as a security release for all previous versions. According to the release notes, the new version addresses eight security flaws […]
The ShadowBrokers hacking group that broke into the NSA arsenal and stole its hacking tools is signing off, leaving a gift to the security community. The mysterious hacking group calling themselves âThe Shadow Brokersâ has apparently decided to put an end to their failed attempts to sell exploits and hacking tools they claimed to have […]
Let’s try to analyze some facts about the Italian EyePyramid espionage campaign. Prof. Corrado Aaron Visaggio helped us in this difficult task. The Italian EyePyramid espionage campaign raised to me two simple questions: (i) Are the criminals geniuses or dummies? (ii) How can an old, known, easy-to-detect malware infect so many machines belonging to different […]
The Internet Systems Consortium (ISC) has issued security updates to address four high severity flaws in the DNS software BIND. The Internet Systems Consortium (ISC) has issued updates to solve four high severity flaws in the DNS software BIND. The flaw could be exploited by a remote attacker to cause a DoS condition. An attacker can […]
According to the BSI more than 6,000 online stores running eBay’s Magento platform have been hacked across the last two years. According to the Germany’s Federal Office for Information Security, more than 6,000 online stores running eBay’s Magento platform have been hacked across the last two years. Crooks targeted the e-commerce platform in order to steal credit […]