Pierluigi Paganini
June 04, 2019
What can Apple ‘s fan do to work with his favorite company? A teen opted out to hack it twice. A 17-year-old teenager Australian teenager decided to attract the attention of the tech giant by gaining access to its mainframe with false credentials. The teen was dreaming of a job in Apple and was convicted […]
Pierluigi Paganini
June 03, 2019
Supra Smart Cloud TV allows remote file inclusion in the openLiveURL function, which allows a local attacker to broadcast fake video without any authentication Summary:Supra Smart Cloud TV allows remote file inclusion in the openLiveURL function, which allows a local attacker to broadcast fake video without any authentication via a /remote/media_control?action=setUri&uri=URI Technical Observation: We are abusing […]
Pierluigi Paganini
June 03, 2019
Microsoft Azure cloud services are being abused by threat actors to host malware and as command and control (C&C) servers. Threat actors look with great interest at cloud services that could be abused for several malicious purposes, like storing malware or implementing command and control servers. Now it seems to be the Microsoft Azure’s turn, […]
Pierluigi Paganini
June 02, 2019
Leicester City Football Club disclosed a card breach that affected its website, hackers stole payment card data, including card numbers and CVVs. Leicester City Football Club revealed that hackers have breached its website (https://shop.lcfc.com/) and stole credit card data of people that bought products disclosed a card breach that affected its website, hackers stole payment […]
Pierluigi Paganini
June 02, 2019
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Kindle Edition Paper Copy If you appreciate my effort in spreading cybersecurity awareness, please vote for Security Affairs in the section “Your Vote for the Best EU Security Tweeter” https://www.surveymonkey.com/r/EUBloggerAwards2018 Police seized Bestmixer, the mixing service washed […]
Pierluigi Paganini
June 02, 2019
Turla, the Russia-linked cyberespionage group, is weaponizing PowerShell scripts and is using them in attacks against EU diplomats. Turla (aka Snake, Uroburos, Waterbug, Venomous Bear and KRYPTON), the Russia-linked APT group, is using weaponized PowerShell scripts in attacks aimed at EU diplomats. Turla group has been active since at least 2007 targeting government organizations and […]
Pierluigi Paganini
June 01, 2019
Apple released security updates for Windows versions of iTunes and iCloud, to address recently disclosed SQLite and WebKit security flaws. Apple released security updates to address recently disclosed SQLite and WebKit security vulnerabilities affecting Windows versions of iTunes and iCloud. Apple released iTunes for Windows 12.9.5 that addresses a total of 25 flaws, four SQLite […]
Pierluigi Paganini
June 01, 2019
A new cryptojacking campaign was spotted by experts at Trend Micro, crooks are using Shodan to scan for Docker hosts with exposed APIs. Threat actors are using the popular Shodan search engine to find Docker hosts and abuse them in a crypojacking campaign. Attackers leverage self-propagating Docker images infected with Monero miners and scripts that […]
Pierluigi Paganini
May 31, 2019
Researchers at 0patch released a temporary micropatch for the unpatched BearLPE local privilege escalation zero-day flaw in Windows 10. Experts at 0patch released a micropatch to temporary fix a still-unpatched local privilege escalation on systems without rebooting them. The zero-day vulnerability, dubbed BearLPE, was recently disclosed by the security researcher SandboxEscaper. The following video shows how the […]
Pierluigi Paganini
May 31, 2019
Microsoft issued a new warning for users to update their systems to address the remote code execution vulnerability dubbed BlueKeep. Microsoft issued a new warning for users of older Windows OS versions to update their systems in order to patch the remote code execution vulnerability dubbed BlueKeep. The vulnerability, tracked as CVE-2019-0708, impacts the Windows […]
