hacking news

Pierluigi Paganini November 24, 2019
Security Affairs newsletter Round 241

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Experts found undocumented access feature in Siemens SIMATIC PLCs Tianfu Cup 2019 Day 1 – Chinese experts hacked Chrome, Edge, Safari, Office365 Crooks use carding bots to check stolen card data ahead of the holiday season Experts report […]

Pierluigi Paganini November 23, 2019
Kaspersky found dozens of flaws in 4 open-source VNC software

Kaspersky researchers found dozens of flaws in four popular open-source virtual network computing (VNC) systems. Experts from Kaspersky analyzed several different implementations of a remote access system called Virtual Network Computing (VNC) and identified a number of memory corruption vulnerabilities. Some of the vulnerabilities found by the experts could lead to remote code execution. The […]

Pierluigi Paganini November 23, 2019
Chinese smartphone vendor OnePlus discloses a new data breach

Chinese smartphone vendor OnePlus has suffered a new data breach, according to a company’s notice hackers accessed customers’ order information. OnePlus disclosed a data breach, an “unauthorized party” accessed some customers’ order information, including names, contact numbers, emails, and shipping addresses. “We want to update you that we have discovered that some of our users’ […]

Pierluigi Paganini November 22, 2019
Personal and social information of 1.2B people exposed on an open Elasticsearch install

Security duo discovered personal and social information 1.2 billion people exposed online on an unsecured Elasticsearch server. Researchers Bob Diachenko and Vinny Troia discovered an unsecured Eslasticsearch server containing an unprecedented 4 billion user accounts. The database, discovered on October 16, 2019, contained more than 4 terabytes of data is the largest data leaks from a single […]

Pierluigi Paganini November 22, 2019
Russian author of NeverQuest banking malware gets 4 Years in U.S. Prison

The Russian hacker who created and used Neverquest banking malware has finally been sentenced to 4 years in prison by a US District Court. Stanislav Vitaliyevich Lisov (34), the Russian hacker who created and used Neverquest banking malware has been sentenced to 4 years in prison by the United States District Court for the Southern District of New York. […]

Pierluigi Paganini November 22, 2019
AccorHotels subsidiary Gekko Group exposes hotels and travelers data in massive data leak

Security experts from vpnMentor discovered that Gekko Group, an AccorHotels subsidiary, exposes hotels and travelers in a massive data leak. Gekko Group is a leading European B2B hotel booking platform that also owns smaller hospitality brands, including Teldar Travel & Infinite Hotel. The AccorHotels subsidiary has a combined customer base of 600,000 hotels worldwide. vpnMentor discovered a database exposed […]

Pierluigi Paganini November 21, 2019
Google will pay up to $1.5m for full chain RCE for Android on Titan M chips

Google announced that it will increase bug bounty rewards for Android, it will pay up to $1.5 million for bugs that allow to hack new Titan M security chip. At the end of 2018, Google announced its Titan M dedicated security chip that is currently installed on Google Pixel 3 and Pixel 4 devices. The […]

Pierluigi Paganini November 21, 2019
DePriMon downloader uses a never seen installation technique

ESET researchers discovered a new downloader, dubbed DePriMon, that used new “Port Monitor” methods in attacks in the wild.  The new DePriMon downloader was used by the Lambert APT group, aka Longhorn, to deploy malware. According to a report published by Symantec in 2017, Longhorn is a North American hacking group that has been active since […]

Pierluigi Paganini November 21, 2019
Roboto, a new P2P botnet targets Linux Webmin servers

Security experts discovered a new peer-to-peer (P2P) botnet dubbed Roboto that is targeting Linux servers running unpatched Webmin installs. Researchers at 360Netlab discovered a new P2P botnet, tracked as Roboto, that is targeting Linux servers running unpatched installations of Webmin installs. The experts first spotted the Roboto botnet in August when they detected a suspicious […]

Pierluigi Paganini November 19, 2019
CVE-2019-2234 flaws in Android Camera Apps exposed millions of users surveillance

Experts found multiple flaws (CVE-2019-2234) in the Android camera apps provided by Google and Samsung that could allow attackers to spy on users. Cybersecurity experts from Checkmarx discovered multiple vulnerabilities in the Android camera apps provided by Google and Samsung could have been exploited by hackers to spy on hundreds of millions of users. The […]