Hacking

Pierluigi Paganini April 07, 2017
WikiLeaks leaked files on the Grasshopper framework, a CIA Tool for creating customized malware installers

WikiLeaks published a new batch of 27 documents detailing the Grasshopper framework used by CIA agents to create custom installers for Windows malware. WikiLeaks continues to disclose documents included in the CIA Vault 7 archive; on Friday it published a new batch of 27 documents detailing a framework, dubbed Grasshopper, allegedly used to create custom installers for Windows malware. […]

Pierluigi Paganini April 07, 2017
IoT Amnesia Botnet puts at risk hundreds of thousands of DVRs due to unpatched flaw

Security experts at Palo Alto Networks have discovered a new Linux/IoT botnet dubbed Amnesia botnet that has been targeting digital video recorders (DVRs). Amnesia exploited an unpatched remote code execution vulnerability that was disclosed more than one year ago by security researcher Rotem Kerner. “fraudsters are adopting new tactics in order to attack retailers. This new […]

Pierluigi Paganini April 06, 2017
Operation Cloud Hopper – APT10 goes after Managed Service Providers

Security experts uncovered a widespread campaign, tracked as Operation Cloud Hopper, known to be targeting managed service providers (MSPs) worldwide. The Chinese APT10 group is the main suspect. Security experts from PwC UK and BAE Systems have uncovered a widespread hacking campaign, tracked as Operation Cloud Hopper, targeting managed service providers (MSPs) in multiple countries worldwide. The experts […]

Pierluigi Paganini April 06, 2017
Scottrade Bank admits a data breach that potentially exposed 20,000 customers’ records

Scottrade Bank confirmed that a technical incident has exposed 20,000 customer records. A 60GB MSSQL database was accidentally left open online. It is official: Scottrade Bank suffered a data breach that affected thousands of its customers. Online brokerage Scottrade has admitted a data breach involving sensitive loan applications from roughly 20,000 customers. The incident […]

Pierluigi Paganini April 06, 2017
Be careful, Cisco Mobility Express shipped with some Cisco Aironet devices has a hard-coded password. Fix it!

The Mobility Express Software shipped with Cisco Aironet 1830 Series and 1850 Series access points has a hard-coded admin-level SSH password. Yesterday I wrote about SCADA systems that are currently shipped with an unchangeable hard-coded password, and today I’m here to discuss a similar problem with you. The Mobility Express Software developed by the IT giant […]

Pierluigi Paganini April 06, 2017
United Cyber Caliphate published a kill list of 8,786 individuals in US, UK

Members of the United Cyber Caliphate (UCC) pro-ISIS hacker group have released a new kill list with 8,786 targets in the US and UK. The pro-ISIS hacking group United Cyber Caliphate (UCC) has released a “kill list” containing the names and addresses of 8,786 individuals in the U.S. and UK. The group published a shocking video online […]

Pierluigi Paganini April 05, 2017
Crooks took control over operations of a Brazilian bank for 5 hours

Cyber criminals launched a sophisticated cyber heist that compromised the entire DNS infrastructure of a major Brazilian bank. A cyber criminal organization took over the online service of a major Brazilian bank for five hours. The hackers compromised the bank’s DNS system and intercepted all the connections to the financial institution. According to Kaspersky Lab who […]

Pierluigi Paganini April 05, 2017
Still problems for Schneider Electric, Schneider Modicon TM221CE16R has a hardcoded password

The firmware running on the Schneider Modicon TM221CE16R (Firmware 1.3.3.3) has a hardcoded password, and there is no way to change it. I believe it is very disconcerting to find systems inside critical infrastructure affected by easy-to-exploit vulnerabilities while we are discussing the EU NIS directive. What about hard-coded passwords inside critical systems? Unfortunately, it’s happened […]

Pierluigi Paganini April 04, 2017
Android Chrysaor spyware went undetected for years

Chrysaor spyware is an Android surveillance malware that remained undetected for at least three years; NSO Group Technology is suspected to be the author. Security experts at Google and Lookout spotted an Android version of one of the most sophisticated pieces of mobile spyware, known as Chrysaor, that remained undetected for at least three years. Due to its […]

Pierluigi Paganini April 04, 2017
UEFI vulnerabilities allow attackers to fully compromise Gigabyte Mini PCs

Experts at Cylance disclosed two UEFI flaws that can be exploited by attackers to install a backdoor on some Gigabyte BRIX mini PCs. Experts at security firm Cylance have disclosed two UEFI vulnerabilities that can be exploited by attackers to install a backdoor on some Gigabyte BRIX mini PCs. The experts tested the latest firmware […]