hacking news

Pierluigi Paganini October 05, 2019
A bug in Signal for Android could be exploited to spy on users

Researcher discovered a logical flaw in the Signal messaging app for Android that could be exploited by a malicious caller to force a call to be answered at the receiver’s end without interaction. Google Project Zero white-hat hacker Natalie Silvanovich discovered a logical vulnerability in the Signal messaging app for Android that could be exploited […]

Pierluigi Paganini October 05, 2019
Magecart hackers are expanding their operations

Cybercrime gangs under the Magecart umbrella continue to compromise e-commerce platforms to steal payment card data from users worldwide. Hacker groups under the Magecart umbrella continue to target to steal payment card data with so-called software skimmers. Security firms have monitored the activities of a dozen groups at least since 2010.  According to a joint report […]

Pierluigi Paganini October 04, 2019
The sLoad Threat: Ten Months Later

Since September 2018, SLoad (tracked as TH-163) is the protagonist of an increasing and persistent wave of attacks against Italian organizations. Introduction SLoad (TH-163) is the protagonist of increasing and persistent attack waves against the Italian panorama since Q3 2018 and then in 2019 (e.g N020419, N040619, N010819), but also against the UK and Canada as reported by Proofpoint. Ten months […]

Pierluigi Paganini October 04, 2019
Project Zero researcher found unpatched Android zero-day likely exploited by NSO group

Google Project Zero researcher Maddie Stone discovered a critical unpatched zero-day vulnerability affecting the Android mobile operating system. Maddie Stone, a member of the Google elite team Project Zero, discovered a critical unpatched zero-day vulnerability affecting the Android mobile operating system. According to the expert, the bug, tracked as CVE-2019-2215, was allegedly being used or […]

Pierluigi Paganini October 03, 2019
6 cyber-espionage campaigns since 2013 attributed to PKPLUG China-linked group

Security experts linked a number of cyber-espionage campaigns observed over the years to the same Chinese threat actor, tracked as PKPLUG. Security experts linked a number of cyber-espionage campaigns observed over the years to the same Chinese threat actor, tracked as PKPLUG. The name comes from the threat actor using PlugX inside ZIP archives containing […]

Pierluigi Paganini October 03, 2019
FBI warns about high-impact Ransomware attacks on U.S. Organizations

The U.S. Federal Bureau of Investigation (FBI) Internet Crime Complaint Center (IC3) warns organizations about high-impact ransomware attacks. In a wake of the recent string of attacks against cities, school districts and hospitals, the U.S. Federal Bureau of Investigation (FBI) Internet Crime Complaint Center (IC3) issued organizations about high-impact ransomware attacks. “Ransomware attacks are becoming more targeted, […]

Pierluigi Paganini October 02, 2019
Zendesk 2016 security breach may impact Uber, Slack, and other organizations

Zendesk discloses a data breach that took place in 2016 when a hacker accessed data of 10,000 users, including passwords, emails, names, and phone numbers. In 2016, customer service software company Zendesk suffered a security breach that exposed data of 10,000 users, including passwords, emails, names, and phone numbers. Zendesk software is currently used by […]

Pierluigi Paganini October 02, 2019
Expert disclosed details of remote code execution flaw in Whatsapp for Android

Researcher discovered a double-free vulnerability in WhatsApp for Android that could be exploited by remote attackers to execute arbitrary code on the vulnerable device. A security researcher that goes online with the moniker Awakened discovered a double-free vulnerability in WhatsApp for Android and demonstrated how to leverage on it to remotely execute arbitrary code on […]

Pierluigi Paganini October 01, 2019
Singapore presented the Operational Technology (OT) Cybersecurity Masterplan

The Cyber Security Agency of Singapore (CSA) presented the Operational Technology (OT) Cybersecurity Masterplan to increase the resilience of Critical Information Infrastructure (CII) sectors. The Cyber Security Agency of Singapore (CSA) presented the Operational Technology (OT) Cybersecurity Masterplan to enhance the security and resilience of Singapore’s Critical Information Infrastructure (CII) sectors in delivering essential services. […]

Pierluigi Paganini October 01, 2019
Hackers breached one of Comodo Forums, 245,000 users impacted

The ITarian Forum, the Comodo discussion board and support forums, has been hacked and data belonging to nearly 245,000 registered users were exposed. Hackers breached the ITarian Forum, the Comodo discussion board and support forums, accessing login credentials of nearly 245,000 users registered with the Comodo Forums websites. Comodo has not specified which of its […]