Pierluigi Paganini
March 03, 2019
The Wireshark Foundation released Wireshark 3.0.0, the latest release of the popular open-source packet analyzer. The Wireshark Foundation announced the release of Wireshark 3.0.0, the latest release of the popular open-source packet analyzer. The new version addresses several bugs and introduces tens of new features, it also improved existing features. The most important changes is […]
Pierluigi Paganini
March 03, 2019
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Kindle Edition Paper Copy Once again thank you! 70000 Pakistani banks cards with PINs go on sale on the dark web. CVE-2019-9019 affects British Airways Entertainment System on Boeing 777-36N(ER) Duo Labs presents CRXcavator Service that analyzes […]
Pierluigi Paganini
March 03, 2019
According to security experts at Fox-IT, a recently addressed flaw in the Cobalt Strike penetration testing platform could be exploited to identify attacker servers. Security experts at Fox-IT discovered that a recently addressed vulnerability in the Cobalt Strike penetration testing platform could be exploited to identify attacker servers. The vulnerability was addressed in Cobalt Strike […]
Pierluigi Paganini
March 02, 2019
Bug bounty platform HackerOne announced that two of its members have each earned more than $1 million by participating bug bounty programs. Bug bounty programs could be a profitable activity, the popular bug bounty platform HackerOne announced that two of its members have each earned more than $1 million by helping companies in discovering flaws […]
Pierluigi Paganini
March 01, 2019
Experts analyzed tools and intrusion methods used by theChina-linked cyber-espionage group Emissary Panda in attacks over the past 2 years. This morning I wrote about a large-scale cyber attack that hit the International Civil Aviation Organization (ICAO) in November 2016, Emissary Panda was suspected to be the culprit. Experts at Secureworks reports who investigated the […]
Pierluigi Paganini
March 01, 2019
Cybaze-Yoroi ZLab analyze a new GoLang botnet named GoBrut, the investigation allowed to discover that the bot supports a lot more features Introduction Malware written in Go programming language has roots almost a decade ago, few years after its first public release back in 2009: starting from InfoStealer samples discovered since 2012 and abused in […]
Pierluigi Paganini
February 28, 2019
The popular in-browser cryptocurrency mining service Coinhive has announced that it will shut down on March 8, 2019. The service made the headlines across the years because it was used by crooks to abuse computational resources of the victims that were visiting compromised websites hosting the Coinhive script. Coinhive was initially launched as a legitimate […]
Pierluigi Paganini
February 28, 2019
Experts at Exploit detection service EdgeSpot detected several PDF documents that exploit a zero-day flaw in Chrome to harvest user data. Exploit detection service EdgeSpot spotted several PDF documents that exploit a zero-day vulnerability in Chrome to harvest data on users who open the files through the popular web browser. The experts initially detected the […]
Pierluigi Paganini
February 27, 2019
Security researchers at Cisco Talos are warning of a spike in attacks on unsecured Elasticsearch clusters to drop cryptocurrency miners. Cisco Talos experts have reported a spike in the attacks thatleverage known flaws to compromise unsecured Elasticsearch clusters and use them to mine crypto-currencies. At least six different threat actors are targeting installs running older […]
Pierluigi Paganini
February 27, 2019
Researchers found a new set of flaws that can be exploited via Thunderbolt to compromise a broad range of modern computers with Thunderclap attacksResearchers found a new set of flaws that can be exploited via Thunderbolt to compromise a broad range of modern computers with Thunderclap attacks Security experts from Rice University in the United […]
