Pierluigi Paganini
May 05, 2020
Level up Your Security Program With the Same Security Intelligence Used by the World’s Largest Governments and Many of the Fortune 1000 Recorded Future, the largest global security intelligence provider, today released a free browser extension that helps prioritize SIEM alerts and vulnerability patching, in addition to providing enhanced malware analysis. With this release, Recorded […]
Pierluigi Paganini
May 04, 2020
The US DHS CISA agency issued a new alert that includes recommendations on how organizations should properly secure Microsoft Office 365 installs. The current COVID-19 pandemic is pushing organizations to adopt a growing number of cloud-based services, for this reason, the DHS CISA published a new alert that provides recommendations to secure Office 365 deployments. […]
Pierluigi Paganini
May 03, 2020
Today I am so happy to announce a big improvement in the cyber threats observatory (available for here). The main improvement sees the introduction of clustering stereotypes for each tracked malware family in three different behaviors: Domains, Files and Processes. Every malware does specific actions on domains, files and processes realms by meaning that every sample contacts several domain names, spawns specific processes and […]
Pierluigi Paganini
May 01, 2020
Threat actors and criminal organizations continue to take advantage of the COVID-19 pandemic to make money, Europol warns. Europol published a report that highlights how criminals organizations are adapting their operations attempting to take advantage of the COVID-19 pandemic. The trend is similar to the one observed during previous financial crises, but the speed of […]
Pierluigi Paganini
April 29, 2020
Adobe released security updates for Adobe Illustrator, Bridge, and Magento that fix several issues, including multiple remote code execution flaws. Adobe has released security updates that address multiple vulnerabilities in Adobe Illustrator, Bridge, and Magento, including some critical remote code execution flaws. The remote code execution flaws could be exploited by an attacker to execute commands […]
Pierluigi Paganini
April 28, 2020
Kaspersky Lab uncovered an ongoing cyberespionage campaign, dubbed PhantomLance, that employed malicious apps hosted on the official Google Play. Kaspersky has spotted an ongoing campaign, dubbed PhantomLance, that employed malicious spying apps hosted by Google Play. The campaign has been active for at least four, experts discovered “dozens” of malicious apps in Google Play, some of which […]
Pierluigi Paganini
April 28, 2020
Timetv.live is the latest Azeri news site targeted by Denial of Service (DDoS) attacks launched by Sandman threat actor, the attack took place on March 21, 2020. Original Post by Qurium: *Qurium’s forensics report:* Sandman and Fineproxy behind the DDoSAttacks against TimeTV.Live https://www.qurium.org/alerts/azerbaijan/sandman-and-fineproxy-behind-the-ddos-attacks-against-timetv-live/ Timetv.live is the latest Azeri news site targeted by Denial of Service attacks. […]
Pierluigi Paganini
April 28, 2020
A bug in the Real-Time Find and Replace WordPress plugin could allow hackers to hackers to create rogue admin accounts on over 100,000 sites. A vulnerability in the Real-Time Find and Replace WordPress plugin could be exploited by attackers to create rogue admin accounts. The Real-Time Find and Replace WordPress plugin is currently installed on over 100,000 sites, it […]
Pierluigi Paganini
April 27, 2020
Experts discovered how to take over Microsoft Teams accounts by just sending recipients a regular GIF, it works for both desktop and web Teams versions. Microsoft has addressed a vulnerability in Teams workplace video chat and collaboration platform that could have allowed attackers to take Team accounts by sending participants a malicious link to an […]
Pierluigi Paganini
April 24, 2020
A joint report released by the U.S. NSA and the Australian Signals Directorate (ASD) warns of attackers increasingly exploiting vulnerable web servers to deploy web shells. A joint report published by the U.S. National Security Agency (NSA) and the Australian Signals Directorate (ASD) is warning of bad actors increasingly exploiting vulnerable web servers to deploy […]
