Pierluigi Paganini
April 05, 2018
The North Korea-linked APT group known as Lazarus made the headlines again for attacking an online casino in Central America and other targets. The activity of the Lazarus Group (aka Hidden Cobra) surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks and experts that investigated on the crew consider it highly sophisticated. […]
Pierluigi Paganini
April 04, 2018
Hackers compromised hundreds of Magento e-commerce websites to steal credit card numbers and install crypto-mining malware. According to the security firm Flashpoint, hackers launched brute-force attacks against Magento installs, they used a dictionary composed of common and known default Magento credentials. “Ecommerce websites running on the popular open-source Magento platform are being targeted by attackers who are using […]
Pierluigi Paganini
April 04, 2018
On April 3, Microsoft Out-Of-Band Security Update to address the CVE-2018-0986 vulnerability affecting the Microsoft Malware Protection Engine (MMPE). Microsoft Malware Protection Engine is the core component for malware detection and cleaning of several Microsoft anti-malware software. It is currently implemented in Windows Defender, Microsoft Security Essentials, Microsoft Endpoint Protection, Windows Intune Endpoint Protection, and Microsoft Forefront Endpoint […]
Pierluigi Paganini
April 03, 2018
Google will ban cryptocurrency mining extensions from the official Chrome Web Store after finding many of them abusing users’ resources without consent. The number of malicious extensions is rapidly increased over the past few months, especially those related to mining activities. The company has introduced a new Web Store policy that bans any Chrome extension submitted to […]
Pierluigi Paganini
April 03, 2018
FIN7 hackers stole credit and debit card information from millions of consumers who have purchased goods at Saks Fifth Avenue and Lord & Taylor stores. A new data breach made the headlines, the victim is Saks Fifth Avenue and Lord & Taylor stores. According to the parent company Hudson’s Bay Company (HBC), the security breach […]
Pierluigi Paganini
April 03, 2018
Researchers John Mason with the help of TheBestVPN.com the ethical hacker File Descriptor from Cure53 tested 15 VPN services and 10 of them were causing DNS leaks through their Chrome browser extensions. Intro Google Chrome has a feature called DNS Prefetching(https://www.chromium.org/developers/design-documents/dns-prefetching) which is an attempt to resolve domain names before a user tries to follow a link. It’s a solution to reduce latency delays […]
Pierluigi Paganini
April 02, 2018
After Cambridge Analytica case, Facebook announced security improvements to prevent future interference with elections. Facebook is under the fire after the revelation of the Cambridge Analytica case and its role in the alleged interference to the 2016 US presidential election. While the analysts are questioning about the interference with other events, including the Brexit vote, Facebook is now looking […]
Pierluigi Paganini
April 02, 2018
The security researcher Dhiraj Mishra (@mishradhiraj_) has studied how VPNs & Privacy Browsers leak users’ IPs via WebRTC Hi Internet, You might have heard about VPN’s & Privacy Browsers leaking users’ IPs via WebRTC [1] [2] Summary: Got CVE-2018-6849 reserved, wrote a Metasploit Module for this issue which uses WebRTC and collects the leak private IP address, however this module may […]
Pierluigi Paganini
April 01, 2018
The Philippine central bank has thrown an alert to local financial institutions following a cyber attack against the SWIFT servers at the Malaysian central bank. The Philippine central bank has thrown an alert to local financial institutions following a cyber attack against the Malaysian central bank. According to Malaysian governor, the hackers attempted to steal money through fraudulent wire […]
Pierluigi Paganini
April 01, 2018
A security expert discovered severe security issues in APFS file system for macOS High Sierra that expose passwords of encrypted external drives in plain text. A vulnerability in APFS file system for macOS High Sierra operating system has been discovered by forensic analyst Sarah Edwards. According to Edwards, the flaw exposes passwords of encrypted external drives in plain text. […]
