Pierluigi Paganini
June 04, 2020
A Chinese threat actor tracked as Cycldek (aka Goblin Panda, or Conimes) has developed new tool to steal information from air-gapped systems. Security experts from Kaspersky Lab reported that the Chinese threat actor tracked as Cycldek (aka Goblin Panda, or Conimes) has developed new tool to steal information from air-gapped systems. The Cycldek group was […]
Pierluigi Paganini
June 03, 2020
Researchers from Cisco Talos disclosed two critical flaws in the Zoom software that could have allowed attackers to hack into the systems via chat. Zoom is one of the most popular video-conferencing software, every day it is used by millions of users, especially during the COVID outbreak. Cybersecurity researchers from Cisco Talos have disclosed two critical vulnerabilities […]
Pierluigi Paganini
June 03, 2020
Tor Browser 9.5 includes important security updates to Firefox, users on desktop will be able to opt-in for using onion sites automatically whenever the website makes them available. Starting with the release of Tor Browser 9.5, new features will make accessing onion addresses easier. Now, there is also an opt-in mechanism available for websites that want Tor […]
Pierluigi Paganini
June 03, 2020
REvil /Sodinokibi ransomware operators launch an auction site to sell data stolen from victims that have chosen to not pay the ransom. Sodinokibi ransomware operators are very active in this period, a few days after the gang has leaked the files allegedly stolen from the UK power grid middleman Elexon it has announced to launch […]
Pierluigi Paganini
June 02, 2020
Last week a massive distributed denial-of-service (DDoS) attack shut down the websites and systems of Minneapolis, but there is no evidence of a breach. Over the weekend, Anonymous demanded justice for George Floyd and threatened to ‘expose the many crimes’ of Minneapolis Police. George Floyd was killed by a white police officer by kneeling on his neck […]
Pierluigi Paganini
June 02, 2020
This week Apple released security patches to address the CVE-2020-9859 zero-day vulnerability that had been used to jailbreak iPhones devices. Apple released security patches to address the CVE-2020-9859 zero-day vulnerability in the iOS kernel that had been used to jailbreak iPhones. The flaw was discovered by a team of cyber-security researchers and hackers that also […]
Pierluigi Paganini
June 02, 2020
Researchers disclosed a flaw in VMware Cloud Director platform, tracked as CVE-2020-3956, that could be abused to takeover corporate servers. Security researchers from hacking firm Citadelo disclosed details for a new critical vulnerability in VMware’s Cloud Director platform, tracked as CVE-2020-3956, that could be abused to takeover corporate servers. VMware Cloud Director is a cloud service-delivery platform […]
Pierluigi Paganini
June 01, 2020
VMware has released an update to address a privilege escalation flaw in VMware for the macOS version of Fusion that was introduced by a previous patch. In March, VMware patched a high-severity privilege escalation vulnerability (CVE-2020-3950) in Fusion, Remote Console (VMRC) and Horizon Client for Mac. The CVE-2020-3950 is a privilege escalation vulnerability caused by the […]
Pierluigi Paganini
June 01, 2020
Maintainers at the Joomla open-source content management system (CMS) announced a security breach that took place last week. Last week a member of the Joomla Resources Directory (JRD) team left an unencrypted full backup of the JRD site (resources.joomla.org) on an unsecured Amazon Web Services S3 bucket operated by the company. The company did not […]
Pierluigi Paganini
May 31, 2020
EU Agency for Cybersecurity ENISA has published a new report of the proactive detection of incidents, including measures and information sources. The EU Agency for Cybersecurity ENISA has published a new report and accompanying repository on measures and information sources that could help security experts and operators of IT and critical infrastructure to proactively detect […]
