Pierluigi Paganini
April 18, 2018
Network-attached storage devices manufactured by LG Electronics are affected by a critical remote code execution vulnerability that could be exploited by attackers to gain full control of the devices. The experts at the security firm VPN Mentor found a pre-auth remote command injection vulnerability that affects the majority of LG NAS device models. “we found a way to […]
Pierluigi Paganini
April 17, 2018
According to experts at Kaspersky, the Roaming Mantis malware is designed for distribution through a simple, but very efficient trick based on DNS hijacking. According to experts at Kaspersky, the Roaming Mantis malware is designed for distribution through a simple, but very efficient trick based on DNS hijacking. Imagine a nefarious person swapped out your […]
Pierluigi Paganini
April 16, 2018
According to Channel 2 Action News that investigated the incident, the ransomware attack on the City of Atlanta cost it at least $2.7 million. In the last weeks, I wrote about a massive ransomware attack against computer systems in the City of Atlanta. The ransomware infection has caused the interruption of several city’s online services, including “various internal […]
Pierluigi Paganini
April 16, 2018
Security experts at Cisco’s Talos group have discovered a total of 17 vulnerabilities in Moxa EDR-810 industrial routers manufactured by Moxa. The Moxa EDR-810 is an integrated industrial multiport router that implements firewall, NAT, VPN and managed Layer 2 switch capabilities. These devices are used in industrial environments to protect systems such as PLC and SCADA systems […]
Pierluigi Paganini
April 16, 2018
Multiple vulnerabilities in the SecureRandom() function expose Bitcoin web wallet addresses generated by the flawed library to brute-force attacks. Old Bitcoin web wallet addresses generated in the browser or through JavaScript-based wallet apps might be affected by a cryptographic vulnerability that could be exploited b attackers to steal funds. According to the experts, the popular […]
Pierluigi Paganini
April 16, 2018
Nicole Eagan, the CEO of cybersecurity company Darktrace, revealed that is company investigated that hack of an unnamed casino that was breached via a thermometer in a lobby fish tank. Internet of things devices are enlarging our attack surface, smart devices are increasingly targeted by hackers in the wild. The case we are going to discuss demonstrate […]
Pierluigi Paganini
April 15, 2018
The Microsoft network engineer Raymond Uadiale (41) is facing federal charges in Florida for the alleged involvement in Reveton Ransomware case. The man is suspected to have had a role in helping launder money obtained from victims of the Reventon ransomware. Uadiale currently works at Microsoft site in Seattle since 2014, according to Florida police between October […]
Pierluigi Paganini
April 15, 2018
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online Kindle Edition Paper Copy Once again thank you! · ATMJackpot, a new strain of ATM Malware discovered by experts · Auth0 authentication […]
Pierluigi Paganini
April 14, 2018
Malware researchers from Abuse.ch, BrillantIT, and Proofpoint have sinkholed the control infrastructure behind EITest campaign and shut down it. Malware researchers from Abuse.ch, BrillantIT, and Proofpoint have sinkholed the control infrastructure behind EITest campaign that leveraged on a network of hacked servers exploited by crooks to distribute traffic (TDS). The network was used to redirect users to compromised domains hosting exploit kits, delivering […]
Pierluigi Paganini
April 14, 2018
The British train company Great Western Rail announced it has suffered a security breach that affected at least 1,000 accounts out of more than a million. The company owned by the FirstGroup transport business runs trains between London, Penzance, and Worcester Great Western Rail is urging affected customers to change the password used to access the GWR.com portal, it also informed […]
