hacking news

Pierluigi Paganini September 24, 2019
Microsoft released an out-of-band patch to fix Zero-day flaw exploited in the wild

Microsoft released an out-of-band patch to address a Zero-day memory corruption vulnerability in Internet Explorer that has been exploited in attacks in the wild. Microsoft has released an out-of-band patch for an Internet Explorer zero-day vulnerability that was exploited in attacks in the wild. The vulnerability tracked as CVE-2019-1367 is a memory corruption flaw that resides […]

Pierluigi Paganini September 23, 2019
Portuguese hacker faces hundreds of Charges in Football Leaks case

An alleged Portuguese hacker faces 154 charges connected with the publication of internal documents in the Football Leaks case. An alleged Portuguese hacker, Rui Pinto, faces 154 charges connected with the publication of internal documents of top European clubs and soccer officials in the Football Leaks case. The attorney general’s office confirmed last week that […]

Pierluigi Paganini September 23, 2019
TortoiseShell Group targets IT Providers in supply chain attacks

Symantec spotted a new threat actor, tracked as TortoiseShell, that is compromising IT providers to target their specific customers. Symantec researchers spotted a new threat group, tracked as TortoiseShell, that is compromising IT providers to target their specific customers. The group was first spotted in 2018, but experts speculate that it has been active for […]

Pierluigi Paganini September 22, 2019
Critical flaws affect Jira Service Desk and Jira Service Desk Data Center

Atlassian released security updates for Jira Service Desk and Jira Service Desk Data Center to address a critical flaw that can lead to information disclosure Atlassian released security updates to address critical vulnerabilities in Jira Service Desk and Jira Service Desk Data Center. One of the flaw can lead to information disclosure, while another critical […]

Pierluigi Paganini September 22, 2019
Security Affairs newsletter Round 232

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Hi folk, let me inform you that I suspended the newsletter service, anyway I’ll continue to provide you a list of published posts every week through the blog. Once again thank you! A bug in Instagram exposed user […]

Pierluigi Paganini September 21, 2019
Iran denies successful cyber attacks hit infrastructures of its oil sector

In the last hours, some western media reported destructive cyber attacks against infrastructures in the Iranian oil sector, but Iran denied it. Last week drone attacks have hit two major oil facilities run by the state-owned company Aramco in Saudi Arabia, one of them is the Abqaiq site. Western Governments and Saudi Arabia blamed Iran for […]

Pierluigi Paganini September 21, 2019
MMD-0063-2019 – Summarize report of three years MalwareMustDie research (Sept 2016-Sept 2019)

Hello, it’s unixfreaxjp here. It has been a while since I wrote our own blog, and it is good to be back. Thank you for your patience for all of this time. The background It was after September 2016 when we decided to move our blog and since then I had a lot of fun […]

Pierluigi Paganini September 21, 2019
One of the hackers behind EtherDelta hack also involved in TalkTalk hack

US authorities have indicted two men for hacking the exchange EtherDelta in December 2017, one of them was also accused of TalkTalk hack. US authorities have indicted two men, Elliot Gunton and Anthony Tyler Nashatka, for hacking the cryptocurrency exchange EtherDelta in 2017. In December 2017, the popular cryptocurrency exchange EtherDelta was hacked, attackers conducted […]

Pierluigi Paganini September 20, 2019
Commodity Malware Reborn: The AgentTesla “Total Oil” themed Campaign

Agent Tesla is a fully customizable password info-stealer offered as malware-as-a-service, many cyber criminals are choosing it as their preferred recognition tool.   Introduction Nowadays the Malware-As-A-Service is one of the criminal favorite ways to breach security perimeter. Agent Tesla is one of these “commodity malware”. It is a fully customizable password info-stealer and many cyber […]

Pierluigi Paganini September 19, 2019
Emotet is back, it spreads reusing stolen email content

Emotet is back, its operators leverage a recently introduced spear-phishing technique to deliver their malware, they are hijacking legitimate email conversations. In 2019, security experts haven’t detected any activity associated with Emotet since early April, when researchers at Trend Micro have uncovered a malware campaign distributing a new Emotet Trojan variant that compromises devices and […]