hacking news

Pierluigi Paganini October 20, 2019
Fake UpdraftPlus WordPress Plugins used to backdoor sites

Threat actors leverage malicious plugins that hide in plain sight to backdoor WordPress websites and to use them for brute-forcing other sites. The use of fake WordPress plugins installed by hackers is not a novelty, recently at Sucuri observed multiple infections aimed at installing fake plugins with backdoor capabilities. Attackers use automated tools to create malicious WordPress […]

Pierluigi Paganini October 19, 2019
A critical Linux Wi-Fi bug could be exploited to fully compromise systems

A researcher discovered a critical Linux vulnerability, tracked as CVE-2019-17666, that could be exploited to fully compromise vulnerable machines. Nico Waisman, principal security engineer at Github, discovered a critical Linux flaw, tracked as CVE-2019-17666, that could be exploited by attackers to fully compromise vulnerable machines. The vulnerability affects Linux versions through 5.3.6, according to the […]

Pierluigi Paganini October 19, 2019
Hundreds of millions of UC Browser Android Users Exposed to MiTM Attacks. Again.

Over 600 million UC Browser and UC Browser Mini Android users have been exposed to man-in-the-middle (MiTM) attacks. More than 600 million users of the popular UC Browser and UC Browser Mini Android apps have been exposed to man-in-the-middle (MiTM) attacks by downloading an Android Package Kit (APK) from a third party server over unprotected channels. […]

Pierluigi Paganini October 18, 2019
Systems at Ingredients provider Ingredion infected with a Malware

The US ingredient provider Ingredion Incorporated announced that it has recently detected suspicious activity associated with a malware attack. The US ingredient provider Ingredion Incorporated revealed to have detected an ongoing malware attack after its experts noticed a suspicious activity this week. Ingredion has hired third-party experts to help its staff in investigating the incident […]

Pierluigi Paganini October 18, 2019
China-linked cyberspies Turbine PANDA targeted aerospace firms for years

Security firm revealed that China-linked APT group Turbine Panda conducted cyber-espionage operations aimed at various aerospace firms for years. Security researchers at Crowdstrike conducted long-running cyber-espionage operations aimed at various aerospace firms. According to the experts the cyber espionage operations begun in January 2010, after the state-owned enterprise Commercial Aircraft Corporation of China (COMAC) selected […]

Pierluigi Paganini October 18, 2019
Pitney Bowes revealed that its systems were infected with Ryuk Ransomware

The global shipping and mailing services company Pitney Bowes revealed that the recent partial outage was caused by the Ryuk ransomware. The global shipping and mailing services company Pitney Bowes recently suffered a partial outage of its service caused by a ransomware attack. Pitney Bowes is a global technology company that provides commerce solutions in the […]

Pierluigi Paganini October 17, 2019
M6 Group, largest France private multimedia group, hit by ransomware attack

M6, one of France’s biggest TV channels, hit by ransomware Unlike The Weather Channel earlier this year, M6 remained on the air. The M6 Group, the largest France private multimedia group, was the victim of ransomware over the weekend. The systems at the M6 Group, France’s largest private multimedia group, were infected with the ransomware […]

Pierluigi Paganini October 16, 2019
Signature update for Symantec Endpoint protection crashed many device

Symantec rolled out an intrusion prevention signature update for its Endpoint Protection product that has caused many devices to crash and display a so-called blue screen of death (BSOD). An intrusion prevention signature update for the Endpoint Protection product had a bad impact on the devices, in many cases it caused the devices to crash […]

Pierluigi Paganini October 16, 2019
Approaching the Reverse Engineering of a RFID/NFC Vending Machine

Security expert Pasquale Fiorillo demonstrates how to hack n RFID/NFC Vending Machine. The affected vendor did not answer to my responsible disclosure request, so I’m here to disclose this “hack” without revealing the name of the vendor itself. The target vending machine uses an insecure NFC Card, MIFARE Classic 1k, that has been affected by multiple […]

Pierluigi Paganini October 16, 2019
Chinese-speaking cybercrime gang Rocke changes tactics

Chinese-speaking cybercrime gang Rocke that carried out several large-scale cryptomining campaigns, has now using news tactics to evade detection. Chinese-speaking cybercrime gang Rocke, that carried out several large-scale cryptomining campaigns in past, has now using news tactics to evade detection. The group has been observed using new tactics, techniques, and procedures (TTPs), it is also […]