Pierluigi Paganini
March 11, 2020
A flaw in the impacting Avast and AVG AntiTrack privacy software could expose users to browser hijacking and Man-in-The-Middle (MiTM) attacks. Security expert David Eade has discovered a vulnerability (CVE-2020-8987) in Avast and AVG AntiTrack privacy software that could expose end-users to Man-in-The-Middle (MiTM) attacks, browser session hijack, with consequent exposure of sensitive data. “A […]
Pierluigi Paganini
March 10, 2020
Today Microsoft accidentally leaked info about a new wormable vulnerability (CVE-2020-0796) in the Microsoft Server Message Block (SMB) protocol. Today Microsoft accidentally leaked info on a security update for a wormable vulnerability in the Microsoft Server Message Block (SMB) protocol. The issue, tracked as CVE-2020-0796, is pre- remote code execution vulnerability that resides in the Server […]
Pierluigi Paganini
March 10, 2020
Microsoft is warning of human-operated ransomware, this kind of attack against businesses is becoming popular in the cybercrime ecosystem. Human-operated ransomware is a technique usually employed in nation-state attacks that is becoming very popular in the cybercrime ecosystem. In human-operated ransomware attack scenario, attackers use stolen credentials, exploit misconfiguration and vulnerabilities to access target networks, […]
Pierluigi Paganini
March 08, 2020
Experts uncovered a new Coronavirus (COVID-19)-themed campaign that is distributing a malware downloader that delivers the FormBook information-stealing Trojan. Experts at MalwareHunterTeam uncovered a new malspam campaign exploiting the fear in the Coronavirus (COVID-19) to deliver malware. The campaign uses emails that pretend being sent by members of the World Health Organization (WHO), the messages […]
Pierluigi Paganini
March 05, 2020
New problems for the wireless carrier T-Mobile that disclosed a data breach that exposed some of the customers’ personal information. The wireless carrier T-Mobile was victims of a sophisticated cyber attack that targeted its email vendor. A data breach notification published by the telecommunications giant on its website revealed that the security breach impacted both employees […]
Pierluigi Paganini
March 05, 2020
Cisco has released security updates to fix multiple vulnerabilities in various products, including two remote code execution flaws in Webex Player. The two remote code execution vulnerabilities fixed by Cisco have been tracked CVE-2020-3127 and CVE-2020-3128 respectively. The vulnerabilities have been rated as high severity and received a CVSS score of 7.8. The vulnerabilities are caused by the […]
Pierluigi Paganini
March 05, 2020
China-linked cyber espionage groups increasingly targeted organizations in the telecommunications industry in 2019. According to the CrowdStrike 2020 Global Threat Report, the telecommunications and government sectors were the most targeted by the threat actors. Experts monitored operations carried out by nation-state actors and financially-motivated attackers. Most of the attacks against organizations in the telecom sector […]
Pierluigi Paganini
February 29, 2020
Threat actors are launching a hacking campaign aimed at taking over tens of thousands of WordPress sites by exploiting critical vulnerabilities. One of the issues exploited in the attacks is a zero-day vulnerability that affects several plugins and that could allow hackers to create admin accounts and take over the sites. Researchers at NinTechNet reported […]
Pierluigi Paganini
February 27, 2020
Google revealed that the enhancements to its scanning system implemented in Gmail are boosting its detection capabilities. Google announced that the new scanning capabilities implemented in Gmail have increased the detection rate of malicious documents. The IT giant proudly announced that combining its existing machine learning models with other protections it was able to detect […]
Pierluigi Paganini
February 26, 2020
A high-severity hardware vulnerability, dubbed Kr00k, in Wi-Fi chips manufactured by Broadcom and Cypress expose over a billion devices to hack. Cybersecurity researchers from ESET have discovered a new high-severity hardware vulnerability, dubbed Kr00k, that affects Wi-Fi chips manufactured by Broadcom and Cypress. The vulnerability could have a severe impact on the IT sector, the […]
Data Breach / February 14, 2026
