Pierluigi Paganini
April 15, 2019
Thousands of WordPress sites using the Yellow Pencil Plugin were exposed to hacking due to a privilege escalation vulnerability in the plugin. A privilege escalation vulnerability in the Yellow Pencil Visual Theme Customizer plugin exposes WordPress websites to hack. The flaw could be exploited by attackers to update arbitrary options on vulnerable installations. Early this […]
Pierluigi Paganini
April 14, 2019
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Kindle Edition Paper Copy Once again thank you! DNS hijacking campaigns target Gmail, Netflix, and PayPal users Rockwell Automation fixes multiple DoS flaws in Stratix Switch introduced by Cisco Software AeroGrow suffered a payment card data breach […]
Pierluigi Paganini
April 13, 2019
Hackers publish personal data on thousands of US police officers and federal agents Media outlet Techcrunch reported that a hacker group has breached several FBI-affiliated websites and leaked the stolen info online. A hacker group claims to have hacked dozens of websites affiliated with the FBI and leaked online dozens of files containing the personal […]
Pierluigi Paganini
April 13, 2019
The hacker that hacked and defaced Matrix.org decided to disclose the security issues discovered during the attack and offers advice. This week, the hacker behind the hack of Matrix.org decided to disclose the vulnerabilities discovered during the attack. Matrix is an open network for secure, decentralized real-time communication that is also used for instant messaging, […]
Pierluigi Paganini
April 12, 2019
Good news for the victims of the CryptoPokemon ransomware, security experts at Emsisoft just released a free decrypter tool. Victims of the CryptoPokemon ransomware have a good reason to smile, security experts at Emsisoft have released a free decrypter tool. The ransomware was first discovered by experts at IntezerLabs, the CryptoPokemon ransomware is a new […]
Pierluigi Paganini
April 12, 2019
According to experts a vulnerability in the popular WordPress plugin Yuzo Related Posts is exploited by attackers to redirect users to malicious sites. The XSS flaw allows attackers to inject a JavaScript into the sites that redirect visitors to websites displaying scams, including tech support scams, and sites promoting unwanted software. The Yuzo Related Posts […]
Pierluigi Paganini
April 12, 2019
Users that have downloaded the VSDC multimedia editing software between 2019-02-21 and 2019-03-23, may have been infected with malware. Users that have downloaded the VSDC multimedia editing software between 2019-02-21 and 2019-03-23, may have been infected with a banking trojan and an information stealer. VSDC is a popular, free video editing and converting app and […]
Pierluigi Paganini
April 10, 2019
Security experts at Kaspersky Lab reported that over 60,000 stolen profiles are offered for sale on an private marketplace called Genesis Store. More than 60,000 stolen profiles are offered for sale in the underground marketplace Genesis Store, it includes browser fingerprints, web site user logins and passwords, cookies, and credit card information. The seller is […]
Pierluigi Paganini
April 10, 2019
Minnesota Department of Human Services announced to have suffered a data breach that may have exposed the personal information of about 11,000 people. Minnesota Department of Human Services suffered a data breach that may have exposed the personal information of about 11,000 people. The state Department of Human Services notified lawmakers Tuesday the incident. Attackers […]
Pierluigi Paganini
April 10, 2019
Microsoft Patches Windows Privilege Escalation Flaws Exploited in Attacks Microsoft has released its April 2019 Patch Tuesday updates that address over 70 vulnerabilities, including two Windows zero-day flaws. Microsoft has released the April 2019 Patch Tuesday updates that address 74 vulnerabilities, including two Windows zero-days under active attack. April 2019 Patch Tuesday security updates resolve […]
