Pierluigi Paganini
February 12, 2018
Cybersecurity week Round-Up (2018, Week 6) -Let’s try to summarize the most important event occurred last week in 3 minutes. Cyber criminals continue to target cryptocurrency industry with malware and phishing attacks. Security researchers at Netlab have spotted a new Android mining botnet, dubbed ADB.miner, that targets devices with ADB interface open. An international operation conducted […]
Pierluigi Paganini
February 12, 2018
Researchers from CSE ZLAB malware Analysis Laboratory analyzed a set of samples of the Pallas malware family used by the Dark Caracal APT in its hacking operations. The malware researchers from ZLab analyzed a collection of samples related to a new APT tracked as Dark Caracal, which was discovered by Electronic Frontier Foundation in collaboration […]
Pierluigi Paganini
February 12, 2018
The number of crypto mining scripts discovered by security experts continues to increase, especially those ones illegally deployed by hacking servers online. The experts from Qihoo 360’s Netlab analyzed crypto mining scripts online by analyzing DNS traffic with its DNSMon system. The experts were able to determine which sites load the scripts from domains associated with in-browser mining services. […]
Pierluigi Paganini
February 11, 2018
Thousands of websites worldwide hijacked by a cryptocurrency mining code due to the hack of the popular Browsealoud plugin. A massive attack hit thousands of websites around the world, crooks deployed Coinhive scripts forcing them to secretly mine cryptocurrencies on visitors’ browsers. The list of compromised websites (4275) includes the UK’s NHS, Information Commissioner’s Office (ICO) (ico.org.uk), the UK’s […]
Pierluigi Paganini
February 11, 2018
Hackers are exploiting the CVE-2018-0101 CISCO ASA flaw in attacks in the wild and a Proof-of-concept exploit code is available online. This week, Cisco has rolled out new security patches for a critical vulnerability, tracked as CVE-2018-0101, in its CISCO ASA (Adaptive Security Appliance) software. This is the second the tech giant issued a security patch to fix the […]
Pierluigi Paganini
February 10, 2018
According to a security advisory issued by Lenovo, two critical vulnerabilities in Broadcom chipsets affects at least 25 models of Lenovo ThinkPad. The affected models are ThinkPad 10,  ThinkPad L460, ThinkPad P50s, ThinkPad T460, ThinkPad T460p, ThinkPad T460s, ThinkPad T560, ThinkPad X260 and ThinkPad Yoga 260. One of the flaws was discovered in June by Google that publicly disclosed […]
Pierluigi Paganini
February 10, 2018
VMware has provided detailed instruction on how to mitigate the Meltdown and Spectre vulnerabilities in several of its products. VMware is releasing patches and workarounds for its Virtual Appliance products affected by the Meltdown and Spectre vulnerabilities. The Meltdown and Spectre attacks could be exploited by attackers to bypass memory isolation mechanisms and access target sensitive […]
Pierluigi Paganini
February 09, 2018
The group of hackers known as ‘fail0verflow’ has discovered a vulnerability in the gaming console Nintendo Switch that could be exploited to install a Linux distro. The hackers announced their discovery in a post on Twitter, the published an image of a console running the Debian Linux distro after the hack. đ§đ§đ§đ§ #switch pic.twitter.com/4iTjTk9D59 — fail0verflow (@fail0verflow) […]
Pierluigi Paganini
February 09, 2018
Security expert Paulos Yibelo has discovered a vulnerability in Hotspot Shield VPN from AnchorFree that can expose locations of the users. Paulos Yibelo, a security researcher, has discovered a vulnerability that can expose users and locations around the globe compromising their anonymity and privacy. The company has about 500 million users globally. VPN services providers […]
Pierluigi Paganini
February 09, 2018
A new PoS malware dubbed UDPoS appeared in the threat landscape and implements a novel and hard to detect technique to steal credit card data from infected systems. The UDPoS malware was spotted by researchers from ForcePoint Labs, it relies upon User Datagram Protocol (UDP) DNS traffic for data exfiltration instead of HTTP that is the protocol used by […]
