Pierluigi Paganini
September 16, 2017
It has happened, the information stolen in the recent Equifax data breach is offered for sale on the dark web by crooks, but watch out, they are scammers. Equifax discovered the intrusion on July 29, but only 3 months the agency notified customers the incident (on September 7) that occurred between mid-May and late July. The breach affects […]
Pierluigi Paganini
September 15, 2017
It’s official, the Equifax data breach case was caused by the exploitation of the CVE-2017-5638 Apache Struts vulnerability. The Equifax data breach case was solved, that incident was caused by the exploitation of the CVE-2017-5638 Apache Struts vulnerability. The vulnerability affects the Jakarta Multipart parser upload function in Apache and could be exploited by an […]
Pierluigi Paganini
September 15, 2017
Around 200,000 WordPress websites using the Display Widgets Plugin were impacted after it was updated to include malicious code. According to security firm Wordfence, roughly 200,000 WordPress websites were impacted after a plugin they were using was updated to include a backdoor. “If you have a plugin called “Display Widgets” on your WordPress website, remove it […]
Pierluigi Paganini
September 14, 2017
Experts discovered 4,000 compromised installations on Amazon AWS of open source analytics and search tool Elasticsearch that were running PoS malware. Security researchers from the firm Kromtech have discovered 4,000 compromised instances of open source analytics and search tool Elasticsearch that were running PoS malware. According to Kromtech, this is just a portion of the overall number of compromised […]
Pierluigi Paganini
September 12, 2017
MongoDB company implements new data security features in response to the recent wave of ransom attacks that hit installations worldwide. You have to admit that the bad actors are very good at leveraging a vulnerability into a lucrative opportunity. The latest example comes from MongoDB, a popular, open source database commonly deployed for big data applications on […]
Pierluigi Paganini
September 11, 2017
Media and experts speculate Equifax Hack was the result of the exploitation of the recently discovered critical vulnerability CVE-2017-9805 in Apache Struts. Last week Equifax reported a huge data breach, hackers accessed its systems between mid-May and late July. The incident affected roughly 143 million U.S. consumers and some customers in the U.K. and Canada. […]
Pierluigi Paganini
September 09, 2017
A member of the hacker group ‘Crackas With Attitude’ who hacked US intel officials has been sentenced to 5 years in jail. A member of the dreaded hacking crew Crackas With Attitude has been sentenced to five years in federal prison. “Justin G. Liverman, aka “D3F4ULT”, 25, of Morehead City, pleaded guilty on January 6. Liverman admitted to being […]
Pierluigi Paganini
September 08, 2017
Equifax, one of the three major US consumer credit reporting agencies is the last victim of a data breach that may have affected upwards to 143 million Americans. According to a statement published by the Equifax, crooks exploited an unnamed U.S. website application vulnerability from mid-May to July to access sensitive data in its systems. “Equifax Inc. […]
Pierluigi Paganini
September 06, 2017
The dreaded hacking group ShadowBrokers posted a new message, promising to deliver two data dumps a month as part its monthly dumps. The notorious group ShadowBrokers is back with announcing new interesting changes to their Dump Service. The hackers published a new message on the Steemit platform announcing new changed to their service. “Missing theshadowbrokers? If someone […]
Pierluigi Paganini
September 05, 2017
Researchers at Lookout spotted a new mobile remote access Trojan dubbed xRAT tied to 2014 “Xsser / mRAT” surveillance campaign against Hong Kong protesters. A new mobile remote access Trojan dubbed xRAT includes appears as the evolution of high-profile spyware Xsser / mRAT malware that was first spotted in late 2014 when it was used in a surveillance […]
