hacking news

Pierluigi Paganini January 07, 2020
Malicious app exploiting CVE-2019-2215 zero-day available in Google Play since March

Security experts have found a malicious app in the Google Play that exploits the recently patched CVE-2019-2215 zero-day vulnerability. Earlier October, Google Project Zero researchers Maddie Stone publicly disclosed a zero-day vulnerability, tracked as CVE-2019-2215, in Android. Maddie Stone published technical details and a proof-of-concept exploit for the high-severity security vulnerability, seven days after she reported it to the colleagues […]

Pierluigi Paganini January 07, 2020
HappyHotel, popular search engine for love hotels in Japan discloses data breach

HappyHotel, a Japanese search engine used to find and book rooms in “love hotels,” announced to have suffered a security breach in December. HappyHotel is a popular Japanese search engine for “love hotels,” it is used by married couples and unfaithful spouses, it allows users to book rooms in love hotels in Japan. Almex, the […]

Pierluigi Paganini January 06, 2020
Microsoft report: around 0.08% of RDP brute-force attacks are successful

Microsoft published an interesting analysis of RDP brute-force attacks that targeted the 45,000 have analyzed in months of study. Researchers from Microsoft have analyzed several months’ worth of data to investigate RDP brute force attacks occurring across Microsoft Defender ATP customers. The study involved 45,000 machines that had both RDP public IP connections and at […]

Pierluigi Paganini January 05, 2020
Austria’s foreign ministry is facing a ‘serious cyberattack’

Austria’s foreign ministry announced it was facing a “serious cyberattack” and that it could be the work of a nation-state actor. Austria’s foreign ministry was the victim of a cyber-attack that is suspected to have been conducted by a foreign state due to its level of sophistication. “Due to the gravity and nature of the […]

Pierluigi Paganini January 05, 2020
Federal Depository Library Program Govn agency breached by Iranian hackers

A group of alleged Iranian hackers claims to have breached the website of a US government agency, Federal Depository Library Program, on Saturday after the killing of Qasem Soleimani. A group of Iranian hackers claims to have breached the website of a US government agency, the Federal Depository Library Program, vowing revenge for the killing […]

Pierluigi Paganini January 05, 2020
DeathRansom ransomware evolves encrypting files, but experts identified its author

DeathRansom was considered fake ransomware due to the fact that it did not implement an effective encryption process, but now things are changing. DeathRansom is a ransomware family that was initially classified as a joke because it did not implement an effective encryption scheme. Researchers at Fortinet published an analysis that shows the threat evolving, […]

Pierluigi Paganini January 04, 2020
BusKill, a $20 USB Dead Man’s Switch for Linux Laptop

‘BusKill‘ is a cheap kill cord Dead Man Switch to trigger the machine to self-destruct in case the laptop is stolen, it was designed by the software engineer Michael Altfield. The idea is very simple, the BusKill cable connects a Linux laptop to the user, for example, to his belt. In case of theft, the USB […]

Pierluigi Paganini January 03, 2020
US Army banned the popular TikTok app over China security concerns

The U.S. Army this week has banned the popular TikTok app from government mobile amid fear of China-linked cyberespionage. The US Army has banned the use of the popular TikTok app on mobile phones used by its personnel for security reasons. TikTok is a social media app that allows its users to create and share […]

Pierluigi Paganini January 03, 2020
Travelex currency exchange suspends services after malware attack

The Travelex currency exchange has been forced offline following a malware attack launched on New Year’s Eve.  This week, the UK-based currency exchange Travelex announced that it has shut down its services as a “precautionary measure” following a malware attack. The London-based company, which operates more than 1,500 stores globally, suffered the attack on December […]

Pierluigi Paganini January 03, 2020
Cisco addresses several flaws in its DCNM product

Cisco has released software updates for its Data Center Network Manager (DCNM) product to address several critical and high-severity issues. Cisco has released software updates that address several critical and high-severity vulnerabilities in its Data Center Network Manager (DCNM) product. All the vulnerabilities were reported to Cisco through Trend Micro’s Zero Day Initiative (ZDI) and […]