hacking news

Pierluigi Paganini March 08, 2020
New Coronavirus-themed malspam campaign delivers FormBook Malware

Experts uncovered a new Coronavirus (COVID-19)-themed campaign that is distributing a malware downloader that delivers the FormBook information-stealing Trojan. Experts at MalwareHunterTeam uncovered a new malspam campaign exploiting the fear in the Coronavirus (COVID-19) to deliver malware. The campaign uses emails that pretend being sent by members of the World Health Organization (WHO), the messages […]

Pierluigi Paganini March 05, 2020
Hackers gained access to T-Mobile customers and employee personal info

New problems for the wireless carrier T-Mobile that disclosed a data breach that exposed some of the customers’ personal information. The wireless carrier T-Mobile was victims of a sophisticated cyber attack that targeted its email vendor. A data breach notification published by the telecommunications giant on its website revealed that the security breach impacted both employees […]

Pierluigi Paganini March 05, 2020
Cisco addresses high severity RCE flaws in Webex Player

Cisco has released security updates to fix multiple vulnerabilities in various products, including two remote code execution flaws in Webex Player.  The two remote code execution vulnerabilities fixed by Cisco have been tracked CVE-2020-3127 and CVE-2020-3128 respectively. The vulnerabilities have been rated as high severity and received a CVSS score of 7.8. The vulnerabilities are caused by the […]

Pierluigi Paganini March 05, 2020
Most of the attacks on Telecom Sector in 2019 were carried out by China-linked hackers

China-linked cyber espionage groups increasingly targeted organizations in the telecommunications industry in 2019. According to the CrowdStrike 2020 Global Threat Report, the telecommunications and government sectors were the most targeted by the threat actors. Experts monitored operations carried out by nation-state actors and financially-motivated attackers. Most of the attacks against organizations in the telecom sector […]

Pierluigi Paganini February 29, 2020
Crooks are attempting to take over tens of thousands of WordPress sites

Threat actors are launching a hacking campaign aimed at taking over tens of thousands of WordPress sites by exploiting critical vulnerabilities. One of the issues exploited in the attacks is a zero-day vulnerability that affects several plugins and that could allow hackers to create admin accounts and take over the sites. Researchers at NinTechNet reported […]

Pierluigi Paganini February 27, 2020
Data on Detection of Malicious Documents in Gmail are impressive

Google revealed that the enhancements to its scanning system implemented in Gmail are boosting its detection capabilities. Google announced that the new scanning capabilities implemented in Gmail have increased the detection rate of malicious documents. The IT giant proudly announced that combining its existing machine learning models with other protections it was able to detect […]

Pierluigi Paganini February 26, 2020
Kr00k Wi-Fi Encryption flaw affects more than a billion devices

A high-severity hardware vulnerability, dubbed Kr00k, in Wi-Fi chips manufactured by Broadcom and Cypress expose over a billion devices to hack. Cybersecurity researchers from ESET have discovered a new high-severity hardware vulnerability, dubbed Kr00k, that affects Wi-Fi chips manufactured by Broadcom and Cypress. The vulnerability could have a severe impact on the IT sector, the […]

Pierluigi Paganini February 26, 2020
Reading Municipal Light Department, an electric utility in Massachusetts, hit by ransomware

The Reading Municipal Light Department (RMLD), an electric utility in Massachusetts, announced it was hit by a ransomware attack. This week, the Reading Municipal Light Department (RMLD), an electric utility in Massachusetts, announced it was hit by a ransomware attack. Reading Municipal Light Department provides electricity to over 68,000 citizens that live in the towns […]

Pierluigi Paganini February 25, 2020
Decathlon Spain data leak exposed Spanish employees’ data & more

Experts discovered a leaking, active database with over 123 million records belonging to Decathlon Spain (and possibly Decathlon UK as well). Experts from vpnMentor have uncovered a leaking, active database containing over 123 million records belonging to the sporting goods retailer Decathlon Spain (and possibly Decathlon UK as well). The unsecure archive is greater than […]

Pierluigi Paganini February 25, 2020
Zyxel addresses Zero-Day vulnerability in NAS devices

Tech vendor Zyxel addresses a critical vulnerability in several network-attached storage (NAS) devices that is already being exploited in the wild. Zyxel has released security patches to address a critical remote code execution vulnerability, tracked as CVE-2020-9054, that affects several NAS devices. The flaw can be exploited by an unauthenticated attacker, it resides in the weblogin.cgi CGI executable […]