Pierluigi Paganini
May 03, 2020
Today I am so happy to announce a big improvement in the cyber threats observatory (available for here). The main improvement sees the introduction of clustering stereotypes for each tracked malware family in three different behaviors: Domains, Files and Processes. Every malware does specific actions on domains, files and processes realms by meaning that every sample contacts several domain names, spawns specific processes and […]
Pierluigi Paganini
May 01, 2020
Threat actors and criminal organizations continue to take advantage of the COVID-19 pandemic to make money, Europol warns. Europol published a report that highlights how criminals organizations are adapting their operations attempting to take advantage of the COVID-19 pandemic. The trend is similar to the one observed during previous financial crises, but the speed of […]
Pierluigi Paganini
April 29, 2020
Adobe released security updates for Adobe Illustrator, Bridge, and Magento that fix several issues, including multiple remote code execution flaws. Adobe has released security updates that address multiple vulnerabilities in Adobe Illustrator, Bridge, and Magento, including some critical remote code execution flaws. The remote code execution flaws could be exploited by an attacker to execute commands […]
Pierluigi Paganini
April 28, 2020
Kaspersky Lab uncovered an ongoing cyberespionage campaign, dubbed PhantomLance, that employed malicious apps hosted on the official Google Play. Kaspersky has spotted an ongoing campaign, dubbed PhantomLance, that employed malicious spying apps hosted by Google Play. The campaign has been active for at least four, experts discovered “dozens” of malicious apps in Google Play, some of which […]
Pierluigi Paganini
April 28, 2020
Timetv.live is the latest Azeri news site targeted by Denial of Service (DDoS) attacks launched by Sandman threat actor, the attack took place on March 21, 2020. Original Post by Qurium: *Qurium’s forensics report:* Sandman and Fineproxy behind the DDoSAttacks against TimeTV.Live https://www.qurium.org/alerts/azerbaijan/sandman-and-fineproxy-behind-the-ddos-attacks-against-timetv-live/ Timetv.live is the latest Azeri news site targeted by Denial of Service attacks. […]
Pierluigi Paganini
April 28, 2020
A bug in the Real-Time Find and Replace WordPress plugin could allow hackers to hackers to create rogue admin accounts on over 100,000 sites. A vulnerability in the Real-Time Find and Replace WordPress plugin could be exploited by attackers to create rogue admin accounts. The Real-Time Find and Replace WordPress plugin is currently installed on over 100,000 sites, it […]
Pierluigi Paganini
April 27, 2020
Experts discovered how to take over Microsoft Teams accounts by just sending recipients a regular GIF, it works for both desktop and web Teams versions. Microsoft has addressed a vulnerability in Teams workplace video chat and collaboration platform that could have allowed attackers to take Team accounts by sending participants a malicious link to an […]
Pierluigi Paganini
April 24, 2020
A joint report released by the U.S. NSA and the Australian Signals Directorate (ASD) warns of attackers increasingly exploiting vulnerable web servers to deploy web shells. A joint report published by the U.S. National Security Agency (NSA) and the Australian Signals Directorate (ASD) is warning of bad actors increasingly exploiting vulnerable web servers to deploy […]
Pierluigi Paganini
April 24, 2020
Mozilla announced some changes to its Firefox bug bounty program, it promises bigger rewards for vulnerabilities and will accept duplicate reports if necessary. Mozilla announced some major changes to its bug bounty program that was first launched in 2004. The organization paid out $965,750 for roughly 350 vulnerabilities, the average payout for each issue was […]
Pierluigi Paganini
April 23, 2020
Microsoft released an out-of-band advisory to address security vulnerabilities affecting Autodesk FBX vulnerabilities in Office, Office 365, and Paint 3D. Researchers from Autodesk discovered multiple vulnerabilities that affect the Autodesk FBX software development kit (SDK), the issues could lead to code execution and trigger denial of service conditions. Microsoft confirmed that the issues in the Autodesk […]
