Pierluigi Paganini
April 05, 2019
If you use a Xiaomi smartphone you should be aware that a pre-installed security software could be abused for malicious activities. Bad news for the owners of Xiaomi smartphones, a pre-installed security application could be used as a backdoor by hackers. Security experts at CheckPoint have discovered that a security app, called Guard Provider, that […]
Pierluigi Paganini
April 05, 2019
Malware researcher and founder of Yoroi Marco Ramill described a step-by-step procedure that shows how to dissect an Office dropper. During the past few weeks, I received several emails asking how to dissect Office Payloads. While I was thinking about how to answer to such questions I received a MalSpam with a Microsoft Office document […]
Pierluigi Paganini
April 05, 2019
Security experts at Rapid7 have discovered that over 2 million Apache HTTP servers are still affected by the CVE-2019-0211 critical privilege escalation flaw. An important privilege escalation vulnerability (CVE-2019-0211) affecting the Apache HTTP server could be exploited by users with the right to write and run scripts to gain root on Unix systems via scoreboard […]
Pierluigi Paganini
April 04, 2019
NSA released the complete source code for its GHIDRA suite, the version 9.0.2 is available on the Agency’s Github repository. In January 2019, the National Security Agency (NSA) announced the release at the RSA Conference of the free reverse engineering framework GHIDRA. GHIDRA is a multi-platform reverse engineering framework that runs on major OSs (Windows, […]
Pierluigi Paganini
April 04, 2019
Security experts at Trend Micro spotted a new variant of the XLoader Trojan that is targeting Android devices by posing as a security application. Trend Micro discovered a new variant of the XLoader Trojan that is targeting Android devices by posing as a security application, the malware also attempts to infect Apple devices (iPhones and […]
Pierluigi Paganini
April 03, 2019
The huge trove of Facebook user data was amassed and stored online on unprotected cloud servers by third-party Facebook app developers. Definitively I can tell you that this is an awful period for Facebook and its users. We first read about an embarrassing incident involving the social network giant that asked some newly-registered users to […]
Pierluigi Paganini
April 03, 2019
Crime without punishment: Group-IB issues a new report on JS-sniffers that infected 2440 websites around the world Group-IB, an international company that specializes in preventing cyberattacks, has issued a new comprehensive report on the analysis of JavaScript-sniffers – a type of malware designed to steal customer payment data from online stores. 2440 infected ecommerce websites […]
Pierluigi Paganini
April 03, 2019
The Georgia Institute of Technology (Georgia Tech) announced to have suffered a security breach, “an unknown outside entity” had access to data of up to 1.3 million people. The Georgia Institute of Technology (Georgia Tech) suffered a security breach, on Tuesday it revealed that “an unknown outside entity” had gained unauthorized access to a database […]
Pierluigi Paganini
April 03, 2019
Security experts at Zscaler discovered that threat actors are using hidden “well-known” directories of HTTPS sites to store and deliver malicious payloads. Crooks are utilizing hidden “well-known” directories of HTTPS sites running WordPress and Joomla websites to store and serve malicious payloads. Hacked websites were used for several malicious purposes, experts observed compromised WordPress and […]
Pierluigi Paganini
April 02, 2019
Cyber Defense eMagazine April 2019 Edition has arrived. We hope you enjoy this month’s edition…packed with over 140 pages of excellent content. InfoSec Knowledge is Power. We have 7 years of eMagazines online with timeless content. Visit our online library by clicking here. CLICK HERE TO DOWNLOAD A HIGH QUALITY PDF VERSION. CLICK HERE TO READ […]
