Pierluigi Paganini
September 25, 2019
Another day, another embarrassing data leak made the headlines, the online dating app Heyyo left a server exposed on the internet. The online dating app Heyyo left a server exposed on the internet without protection, data were stored on an Elasticsearch instance. The exposed data included personal details, images, location data, phone numbers, and dating […]
Pierluigi Paganini
September 25, 2019
Security experts at Proofpoint observed a new wave of phishing attacks aimed at US Utilities in an attempt to deliver the LookBack RAT. Security experts at Proofpoint have discovered a new series of phishing attacks targeting entities US utilities in an attempt to deliver the LookBack RAT. In early August, the expert reported that between […]
Pierluigi Paganini
September 25, 2019
Adobe released security updates to address three severe vulnerabilities in its ColdFusion web application development platform Adobe released ColdFusion 2016 Update 12 and ColdFusion 2018 Update 5 to address three severe vulnerabilities in its ColdFusion web application development platform, two of them have been rated as “critical.” “Adobe has released security updates for ColdFusion versions […]
Pierluigi Paganini
September 24, 2019
An anonymous hacker disclosed technical details and proof-of-concept exploit code for a critical zero-day remote code execution flaw in vBulletin. vBulletin is one of the most popular forum software, for this reason, the disclosure of a zero-day flaw affecting it could impact a wide audience. More than 100,000 websites online run on top of vBulletin. […]
Pierluigi Paganini
September 24, 2019
Researchers at Yoroi-Cybaze ZLab discovered an interesting drop chain associated with the well-known Aggah campaign. Introduction During our threat monitoring activities, we discovered an interesting drop chain related to the well-known Aggah campaign, the ambiguous infection chain observed by Unit42 which seemed to deliver payloads potentially associated with the Gorgon Group APT. After that, we discovered other malicious activities […]
Pierluigi Paganini
September 24, 2019
Microsoft released an out-of-band patch to address a Zero-day memory corruption vulnerability in Internet Explorer that has been exploited in attacks in the wild. Microsoft has released an out-of-band patch for an Internet Explorer zero-day vulnerability that was exploited in attacks in the wild. The vulnerability tracked as CVE-2019-1367 is a memory corruption flaw that resides […]
Pierluigi Paganini
September 23, 2019
An alleged Portuguese hacker faces 154 charges connected with the publication of internal documents in the Football Leaks case. An alleged Portuguese hacker, Rui Pinto, faces 154 charges connected with the publication of internal documents of top European clubs and soccer officials in the Football Leaks case. The attorney general’s office confirmed last week that […]
Pierluigi Paganini
September 23, 2019
Symantec spotted a new threat actor, tracked as TortoiseShell, that is compromising IT providers to target their specific customers. Symantec researchers spotted a new threat group, tracked as TortoiseShell, that is compromising IT providers to target their specific customers. The group was first spotted in 2018, but experts speculate that it has been active for […]
Pierluigi Paganini
September 22, 2019
Atlassian released security updates for Jira Service Desk and Jira Service Desk Data Center to address a critical flaw that can lead to information disclosure Atlassian released security updates to address critical vulnerabilities in Jira Service Desk and Jira Service Desk Data Center. One of the flaw can lead to information disclosure, while another critical […]
Pierluigi Paganini
September 22, 2019
A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. Once again thank you! A bug in Instagram exposed user […]
Cyber Crime / February 17, 2026
Security / February 17, 2026
