Pierluigi Paganini
November 19, 2020
The CyberNews.com Investigation team carried out an infiltration operation against an IRC botnet and reported it to CERT Vietnam to help take it down. Original post @ https://cybernews.com/security/we-infiltrated-an-irc-botnet-heres-what-we-found/ In order to gather valuable information about the IRC botnet’s activity, we joined its Command and Control channel where we met the botmaster who was responsible for […]
Pierluigi Paganini
November 19, 2020
Security experts from RiskIQ discovered a new variant of the Grelos skimmer that presents overlap with Magecart group operations. Researchers from RiskIQ analyzed the increased overlap of a new variant of the skimmer dubbed Grelos and the operations of the groups under the Magecart umbrella. The analysis demonstrates the difficulty in associating new strains of skimmer to groups […]
Pierluigi Paganini
November 18, 2020
Cisco has addressed three flaws in Webex Meetings that would have allowed unauthenticated remote attackers to join ongoing meetings as ghost participants. Cisco has addressed three vulnerabilities in Webex Meetings (CVE-2020-3441, CVE-2020-3471, and CVE-2020-3419) that would have allowed unauthenticated remote attackers to join ongoing meetings as ghost participants. “A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server […]
Pierluigi Paganini
November 18, 2020
Researchers uncovered a large-scale campaign conducted by China-linked APT10 targeting businesses using the recently-disclosed ZeroLogon vulnerability. Symantec’s Threat Hunter Team, a Broadcom division, uncovered a global campaign conducted by a China-linked APT10 cyber-espionage group targeting businesses using the recently-disclosed ZeroLogon vulnerability. The group, also known as Cicada, Stone Panda, and Cloud Hopper, has been active at […]
Pierluigi Paganini
November 18, 2020
Experts from Cybereason Nocturnus uncovered an active campaign that targets users of a large e-commerce platform in Latin America with Chaes malware. Cybereason Nocturnus security researchers have identified an active campaign focused on the users of a large e-commerce platform in Latin America. Experts at Cybereason Nocturnus have uncovered an active campaign targeting the users […]
Pierluigi Paganini
November 18, 2020
President Trump has fired Chris Krebs, Director of the CISA, over his statement claiming the recent presidential election the most secure in US history. Former President Trump has fired Chris Krebs, Director of the Cybersecurity and Infrastructure Security Agency (CISA), over his statement calling the 2020 presidential election the most secure in US history. Former President Trump […]
Pierluigi Paganini
November 17, 2020
Cisco released multiple advisories related to security issues in Cisco Security Manager (CSM) that affect the recently released 4.22 version. Cisco published multiple security advisories related to critical vulnerabilities affecting the Cisco Security Manager (CSM), including the recently released version 4.22. Cisco Security Manager provides a comprehensive management solution for CISCO devices, including intrusion prevention systems […]
Pierluigi Paganini
November 17, 2020
Researchers spotted a new China-linked APT, tracked as FunnyDream that already infected more than 200 systems across Southeast Asia. Security experts at BitDefender have uncovered a new China-linked cyber espionage group, tracked as FunnyDream that has already infected more than 200 systems across Southeast Asia over the past two years. According to Kaspersky Lab, FunnyDream […]
Pierluigi Paganini
November 17, 2020
In May 2019, Microsoft disclosed the BlueKeep vulnerability, more than a year later over 245,000 Windows systems still remain unpatched. Over a year ago Microsoft Patch Tuesday updates for May 2019 addressed nearly 80 vulnerabilities, including the BlueKeep flaw. The issue is a remote code execution flaw in Remote Desktop Services (RDS) that can be exploited by […]
Pierluigi Paganini
November 17, 2020
Boffins devised a new attack, dubbed VoltPillager, that can break the confidentiality and integrity of Intel SGX enclaves by controlling the CPU core voltage. A group of six researchers from the University of Birmingham has devised a new attack technique, dubbed VoltPillager, that can break the confidentiality and integrity of Intel Software Guard Extensions (SGX) […]
Security / February 10, 2026
