17493 results
Pierluigi Paganini
May 14, 2018
The Nigelthorn malware has already infected over 100,000 systems in 100 countries by abusing a Google Chrome extension called Nigelify. A new strain of malware, dubbed Nigelthorn malware because it abuses a Google Chrome extension called Nigelify, has already infected over 100,000 systems in 100 countries, most of them in the Philippines, Venezuela, and Ecuador (Over 75%). The new […]
Pierluigi Paganini
May 13, 2018
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online Kindle Edition Paper Copy Once again thank you! ·     European Central Bank announced a framework for cyber attack simulation on financial firms […]
Pierluigi Paganini
May 13, 2018
Security experts have discovered a vulnerability in the Electron software framework that has been used for building a large number of popular desktop applications. Popular desktop applications, including Skype, Slack, GitHub Desktop, Twitch, WordPress.com, and others, are potentially affected. Electron is a node.js, V8, and Chromium open-source framework that allows developers to use web technologies such as […]
Pierluigi Paganini
May 13, 2018
An Ubuntu user has spotted a Bytecoin cryptocurrency miner hidden in the source code of an Ubuntu Snap Pack in the Official Ubuntu Snap Store. An Ubuntu user that goes online with the GitHub moniker “Tarwirdur” has discovered a malware in the source code of an Ubuntu snap package hosted on the official Ubuntu Snap Store, a […]
Pierluigi Paganini
May 13, 2018
The EE operator, the British largest cell network in the UK with some 30 million customers, has left a critical code system exposed online with a default password. EE, a British mobile network giant owned by BT Group has been accused of leaving a critical code repository on an open-source tool protected by a default username and […]
Pierluigi Paganini
May 12, 2018
Security researchers from Kromtech Security discovered a MongoDB install belonging to the Russian-based video surveillance firm Did iVideon open online. The database included personal information for over 825,000 subscribers and partners. Leaked records include logins, email addresses, password hashes, server names, domain names, IP addresses, sub accounts, software settings, and payment settings information (we did not see any credit card […]
Pierluigi Paganini
May 12, 2018
WannaCry ransomware outbreak anniversary – According to researchers from ESET, the popularity of EternalBlue increase significantly over the past months. Exactly one year ago, on May 12, the WannaCry ransomware infected hundreds of thousands of computers worldwide. The success of the malware was the use of the EternalBlue exploit that was stolen by Shadow Brokers […]
Pierluigi Paganini
May 12, 2018
Google released an updated version of Chrome 66 that addresses a Critical security vulnerability that could be exploited by an attacker to take over a system. Google released an updated version of Chrome 66 (version 66.0.3359.170) for Windows, Mac, and Linux systems that addressed 4 security vulnerabilities. “This update includes 4 security fixes. Below, we highlight fixes that were contributed […]
Pierluigi Paganini
May 11, 2018
Security experts devised a new attack technique dubbed Throwhammer that could be exploited by attackers to launch Rowhammer attack on a system in a LAN. A few days ago we discussed the GLitch attack that leverages graphics processing units (GPUs) to launch a remote Rowhammer attack against Android smartphones. Now security experts devised a new attack […]
Pierluigi Paganini
May 11, 2018
Trello, when an error in the publishing strategy is able to put at risk the private data of a huge community of unaware users. A “Security enthusiastic” found a vulnerability in the Trello web management and now with a simple dork is possible to query to mine passwords from dozens of public Trello boards. Our […]
