Pierluigi Paganini
January 26, 2018
Security experts from PaloAlto Networks uncovered a large-scale crypto-currency mining operation that involved around 30 million systems worldwide. Security experts from PaloAlto Networks have uncovered a large-scale crypto-currency mining operation active for over 4 months. Experts believe the activity involved around 30 million systems worldwide to mine the Monero cryptocurrency using the open-source XMRig utility. The threat […]
Pierluigi Paganini
January 26, 2018
The popular former NSA hacker Patrick Wardle published a detailed analysis of the CrossRAT malware used by Dark Caracal for surveillance. Last week a joint report published by security firm Lookout and digital civil rights group the Electronic Frontier Foundation detailed the activity of a long-running hacking group linked to the Beirut Government and tracked as Dark […]
Pierluigi Paganini
January 25, 2018
Security experts at Trend Micro have analyzed malware and a tool used by the Lazarus APT group in the recent attacks against financial institutions. Security experts at Trend Micro have analyzed the attacks conducted by the notorious Lazarus APT group against financial institutions. The activity of the Lazarus Group surged in 2014 and 2015, its […]
Pierluigi Paganini
January 25, 2018
Fortinet discovered a strain of ransomware dubbed Spritecoin ransomware that only allows victims Monero payments and pretends to be a cryptocurrency-related password store. Researchers from Fortinet FortiGuard Labs has discovered a strain of ransomware that only allows victims Monero payments and pretends to be a cryptocurrency-related password store. The ransomware poses itself as a “spritecoin” wallet, it asks […]
Pierluigi Paganini
January 25, 2018
According to a security advisory, libcurl is affected by a couple of issues, one of them might cause the leakage of authentication data to third parties. libcurl is a free and easy-to-use client-side URL transfer library, it builds and works identically on numerous platforms. According to a security advisory, libcurl is affected by a couple of issues, one of them might cause the leakage […]
Pierluigi Paganini
January 25, 2018
A new botnet called Hide ‘N Seek (HNS botnet) appeared in the threat landscape, the malware is rapidly spreading infecting unsecured IoT devices, mainly IP cameras. The HNS botnet was first spotted on January 10th by malware researchers from Bitdefender, then it disappeared for a few days, and it has risen over the weekend. The number of infected systems […]
Pierluigi Paganini
January 24, 2018
A critical RCE vulnerability in the Electron framework impacts popular desktop applications, including Skype, Signal, Slack, GitHub Desktop, Twitch, and WordPress.com. A remote code execution vulnerability tracked as CVE-2018-1000006 was fixed in the Electron framework, which is used by popular desktop applications, including Skype, Signal, Slack, GitHub Desktop, Twitch, and WordPress.com. Electron is a node.js, […]
Pierluigi Paganini
January 24, 2018
Experts at security firm Checkmarx discovered two security vulnerabilities in the Tinder mobile apps that could be exploited to spy on users. Security experts at Checkmarx discovered two security vulnerabilities in the Tinder Android and iOS dating applications that could be exploited by an attacker on the same wi-fi network as a target to spy […]
Pierluigi Paganini
January 24, 2018
According to Google software engineer Grzegorz Milka, less than 10 percent of its users have enabled two-factor authentication (2FA) for their accounts. The availability of billions of credentials in the criminal underground due to the numerous massive data breaches occurred in the last years makes it easy for crooks to take over users’ accounts. We always […]
Pierluigi Paganini
January 24, 2018
Bell Canada is notifying customers about a data breach that exposed personal data of roughly 100,000 individuals, this is the second security breach in a few months. Bell Canada is notifying customers about a data breach that exposed personal data of roughly 100,000 individuals, including names, phone numbers, email addresses, usernames and account numbers. “The protection […]
