Pierluigi Paganini
November 18, 2018
On Thursday, November 15, hackers compromised Daniel’s Hosting, one of the largest Dark Web hosting provider, and deleted 6,500+ sites. On Thursday, November 15, hackers compromised Daniel’s Hosting, one of the largest Dark Web hosting provider. The news was confirmed by Daniel Winzen, the software developer behind the hosting service. Daniel’s Hosting became the largest Dark Web hosting provider earlier […]
Pierluigi Paganini
November 18, 2018
Last week, security experts reported alleged APT29 hackers impersonating a State Department official in attacks aimed at U.S. government agencies, businesses and think tanks. Cyber security experts are warning of new attacks against U.S. government agencies, think tanks, and businesses. Threat actors carried out spear phishing attacks impersonating a State Department official to attempt compromising targets, […]
Pierluigi Paganini
November 18, 2018
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! · CVE-2018-15961: Adobe ColdFusion Flaw exploited in attacks in […]
Pierluigi Paganini
November 18, 2018
A glitch in Gmail could be exploited by hackers to carry out phishing attacks, the issue is related the way Gmail automatically files messages into Sent folder A bug in Gmail could be exploited by attackers to carry out phishing attacks, the flaw ties the way Gmail automatically files messages into the “Sent” folder. The bug […]
Pierluigi Paganini
November 17, 2018
Million of password resets and two-factor authentication codes exposed in unsecured Vovox DB. Sébastien Kaul, a security researcher based in Berlin, has discovered a poorly secured database owned by communication firm Vovox that contained left names, phone numbers, tens of millions of SMS messages, temporary passwords, two-factor codes, shipping alerts, and other information belonging to customers of companies […]
Pierluigi Paganini
November 16, 2018
Marco Ramilli, founder and CEO at cyber security firm Yoroi has explained how to use Microsoft Powerpoint as Malware Dropper Nowadays Microsoft office documents are often used to propagate Malware acting like dynamic droppers. Microsoft Excel embedding macros or Microsoft Word with user actions (like links or external OLE objects) are the main players in […]
Pierluigi Paganini
November 16, 2018
According to Group-IB’s report findings, Asia is one of the most actively attacked regions in the world, the company presented latest cybercrime trends. Hong Kong, 16.11.2018 – Group-IB, an international company that specializes in preventing cyber attacks, presented the findings of its latest Hi-Tech Crime Trends 2018 report at the FinTech Security Conference in Hong Kong organized by Binary Solutions Limited […]
Pierluigi Paganini
November 16, 2018
Malware researchers at the Cybaze ZLab- Yoroi team spotted a new variant of the dangerous APT28 Lojax rootkit. A new variant of the infamous APT28 Lojax (aka Double-Agent) has been discovered by the Cybaze ZLab – Yoroi team. It is the latest version of the well-known rootkit Double-Agent, previously analyzed by ESET researchers. The behavior of […]
Pierluigi Paganini
November 16, 2018
The threat actor TA505 behind many Dridex and Locky campaigns have been using a new Remote Access Trojan (RAT) dubbed tRat. Researchers at Proofpoint warns that the threat actor TA505 have been using a new Remote Access Trojan (RAT) dubbed tRat that implements a modular structure that was written in Delphi. The TA505 operates on a large scale, it was […]
Pierluigi Paganini
November 16, 2018
Group-IB has detected massive campaigns targeting Russian financial institutions posing as the Central Bank of Russia. The emails were disguised to look as if they come from the Central Bank of Russia and FinCERT, the Financial Sector Computer Emergency Response Team. Group-IB experts have discovered that the attack on 15 November could have been carried out by the hacker […]
