Pierluigi Paganini
November 30, 2018
Security researchers at Trend Micro recently discovered PowerShell-based backdoor that resembles a malware used by MuddyWater threat actor. Malware researchers at Trend Micro have discovered a Powershell-based backdoor that is very similar to a malware used by MuddyWater APT group. The first MuddyWater campaign was observed in late 2017, then researchers from Palo Alto Networks were investigating a mysterious wave […]
Pierluigi Paganini
November 30, 2018
Starwood Data Breach – Hackers accessed the guest reservation system of the Marriot owned Starwood since 2014 and copied and encrypted the information. Marriott International is the last victim of a long string of data breaches, the company announced that hackers compromised guest reservation database at its subsidiary Starwood hotels and stolen personal details of about 500 […]
Pierluigi Paganini
November 29, 2018
The Yoroi-Cybaze ZLAB dissected the VBS script embedded into the zip archives delivered to the victims of a recent attack. Introduction Few days ago, the CERT-Yoroi bulletin N061118 disclosed a dangerous campaign attacking several Italian users. The attack wave contained some interesting techniques need to look into further, especially regarding the obfuscation used to hide the malicious […]
Pierluigi Paganini
November 29, 2018
Exploring the open API abuse for Docker Containers. Docker is a popular container product which has been adopted widely by the community. Preface IT industry has seen quite a few transformations in last couple of decades with advent of disruptive technologies. Back in 2000, every aspiring student wanted to become computer /IT engineer, thanks to […]
Pierluigi Paganini
November 29, 2018
Dell data breach – IT giant Dell disclosed a data breach, the company confirmed it has detected an intrusion in its systems on November 9th 2018. Attackers were trying to exfiltrate customer data (i.e. names, email addresses, and hashed passwords) from the company portal Dell.com, from support.dell.com websites. Wednesday that its online electronics marketplace experienced a […]
Pierluigi Paganini
November 28, 2018
A British MP claims Facebook was ware about Russian political interference in 2014, long before the events become public. The British MP Damian Collins, head of a parliamentary inquiry into disinformation, revealed that one of the emails seized from US software company Six4Three as part of a US lawsuit, demonstrates that a Facebook engineer had notified the social network giant in October […]
Pierluigi Paganini
November 28, 2018
British and Dutch data protection regulators fined the ride-sharing company Uber with $1,170,892 for the 2016 data breach. British and Dutch data protection regulators have fined Uber with $1,170,892 for the 2016 security breach that exposed personal data of 57 million of its users. In November 2017, the Uber CEO Dara Khosrowshahi announced that hackers broke […]
Pierluigi Paganini
November 27, 2018
Hacker compromised third-party NodeJS module “Event-Stream” introducing a malicious code aimed at stealing funds in Bitcoin wallet apps. The malicious code was introduced in the version 3.3.6, published on September 9 via the Node Package Manager (NPM) repository. The Event-Stream library is a very popular NodeJS module used to allow developers the management of data streams, it has nearly 2 […]
Pierluigi Paganini
November 27, 2018
Security researchers with Checkmarx developed two mobile applications that abuse the functionality of smart bulbs for data exfiltration. Security researchers with Checkmarx developed two mobile applications that exploit smart bulbs features for data exfiltration. The experts used the Magic Blue smart bulbs that implement communication through Bluetooth 4.0. The devices are manufactured by the Chinese company called […]
Pierluigi Paganini
November 27, 2018
UK Parliament Seizes seized confidential Facebook documents from the developer of a now-defunct bikini photo searching app to investigate its data protection policies. A British lawmaker obliged a visiting tech executive to share the files ahead of an international hearing that parliament is hosting on Tuesday to gather info into disinformation and “fake news.” Committee Chairman […]
