Pierluigi Paganini
January 15, 2020
VMware has released security updates to address a local privilege escalation vulnerability in VMware Tools version 10 for Windows. VMware has released VMware Tools 11.0.0 that addresses a local privilege escalation issue in Tools 10.x.y tracked as CVE-2020-3941. The issue, classified as a race condition flaw that could be exploited by an attacker to access […]
Pierluigi Paganini
January 15, 2020
P&N Bank discloses data breach, customer account information, balances exposed The Australian P&N Bank is notifying its customers a data breach that has exposed personally identifiable information (PII) and sensitive account data. P&N Bank, a division of Police & Nurses Limited and operating in Western Australia, suffered a data breach and is reporting the incident […]
Pierluigi Paganini
January 15, 2020
49 million user records from US data broker LimeLeads were available for sale on a hacking forum. 49 million user records from US data broker LimeLeads were available for sale on a hacking forum, the data were exposed on an Elasticsearch server. Exposed LimeLeads data contains full name, title, user email, employer/company name, company address, […]
Pierluigi Paganini
January 15, 2020
Microsoft has released a security update to address “a broad cryptographic vulnerability” that is impacting its Windows operating system. Microsoft Patch Tuesday updates for January 2020 address a total of 49 vulnerabilities in various products, including a serious flaw, tracked as CVE-2020-0601, in the core cryptographic component of Windows 10, Server 2016 and 2019 editions. […]
Pierluigi Paganini
January 14, 2020
Adobe released its January 2020 Patch Tuesday updates that address several flaws in Illustrator and Experience Manager products. Adobe releases its first 2020 patch Tuesday software updates that address several vulnerabilities in Illustrator and Experience Manager products. “Adobe has published security bulletins for Adobe Experience Manager (APSB20-01) and Adobe Illustrator (APSB20-03). Adobe recommends users update their product installations to the latest […]
Pierluigi Paganini
January 14, 2020
Russia-linked cyber-espionage group hacked the Ukrainian energy company Burisma at the center of the impeachment trial of US President Donald Trump. The Russian cyberspies, operating under Russia’s GRU military intelligence agency (aka Fancy Bear) carried out a spear-phishing campaign in November aimed at accessing the email of Burisma Holdings employees. The attack was detailed by […]
Pierluigi Paganini
January 13, 2020
Facebook addressed last week a security flaw that exposed page admin accounts, the bug was exploited against several high-profile pages. Last week Facebook has addressed a security issue that exposed page admin accounts, the bug was exploited in attacks in the wild against several high-profile pages. The page admin accounts are anonymous unless the Page […]
Pierluigi Paganini
January 11, 2020
The US DHS CISA agency is warning organizations that threat actors continue to exploit the CVE-2019-11510 Pulse Secure VPN vulnerability. The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) is warning organizations that attackers continue to exploit the well known Pulse Secure VPN vulnerability tracked as CVE-2019-11510. The CVE-2019-11510 flaw in Pulse Connect Secure […]
Pierluigi Paganini
January 10, 2020
Two MageCart groups have planted software skimmers on multiple European websites for the Perricone MD anti-aging skincare Two distinct MageCart groups have compromised multiple European websites for the Perricone MD anti-aging skin-care brand with the intent of stealing customer payment card info. The two groups planted software skimmers on Perricone MD websites in Italy, Germany, […]
Pierluigi Paganini
January 10, 2020
In the last 18 months, North Korea-linked Lazarus APT group has continued to target cryptocurrency exchanges evolving its TTPs. Kaspersky researchers have analyzed the attacks carried out by North Korea-linked Lazarus APT group in the past 18 months and confirmed their interest in banks and cryptocurrency exchanges. In the mid-2018, the APT targeted cryptocurrency exchanges and cryptocurrency […]
