Pierluigi Paganini
June 11, 2018
Malware researchers from ESET have spotted a new sophisticated piece of spyware, tracked as InvisiMole, used in targeted attacks in Russia and Ukraine in the last five years. Experts still haven’t attributed the malware to any threat actor, InvisiMole could be a nation-state malware developed for cyber espionage purpose or the result of a development […]
Pierluigi Paganini
June 10, 2018
Crooks attempted to hack the SWIFT system at the Banco de Chile and used a disk-wiping malware as a diversion strategy. The intent of the attackers was to sabotage hundreds of computers at the Banco de Chile while they were attempting to breach the real target, the bank’s SWIFT money transferring system. Causing a broad outage, […]
Pierluigi Paganini
June 10, 2018
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online Kindle Edition Paper Copy Once again thank you! Crooks included the code for CVE-2018-8174 IE Zero-Day in the RIG Exploit Kit Impervas […]
Pierluigi Paganini
June 09, 2018
According to a report published by The Washington Post, Chinese hackers have stolen a huge trove of sensitive data from a U.S. Navy contractor. China-linked hackers have stolen a huge trove of sensitive data from a U.S. Navy contractor, the Washington Post reported Friday. The threat actors stole more than 614 gigabytes of data including secret plans to develop a […]
Pierluigi Paganini
June 09, 2018
Cisco has removed hardcoded credentials that were in Cisco Wide Area Application Services (WAAS), which is a software designed to optimize WAN traffic management. The hardcoded credentials (CVE-2018-0329) resides in the read-only SNMP community string in the configuration file of the SNMP daemon, they could be exploited by attackers to read any data that is accessible via […]
Pierluigi Paganini
June 08, 2018
Cisco fixed several flaws in the Prime Collaboration Provisioning product that allows customers to manage their communications services. Cisco released security patches to address severe vulnerabilities in Prime Collaboration Provisioning (PCP) solution, one of the issues was rated as critical. The vulnerabilities have been found by Cisco during internal security testing and there is no […]
Pierluigi Paganini
June 08, 2018
A security vulnerability was discovered in webcams, IP surveillance cameras and also baby monitors manufactured by the Chinese firm Foscam. The Chinese firm Foscam has released firmware updates to address three vulnerabilities in multiple models of IP-based cameras that could be exploited to take control of vulnerable cameras exposed online. The following flaws were reported by the […]
Pierluigi Paganini
June 07, 2018
Sofacy APT group (APT28, Pawn Storm, Fancy Bear, Sednit, Tsar Team, and Strontium) continues to operate and thanks to rapid and continuously changes of tactics the hackers are able to remain under the radar. According to experts from Palo Alto Networks, the hackers also used new tools in recent attacks, recently the APT group has shifted focus in their interest, from NATO member […]
Pierluigi Paganini
June 07, 2018
Adobe has recently fixed several vulnerabilities, including the CVE-2018-5002 Flash Zero-Day exploited in targeted attacks in the Middle East Adobe has released security updates for Flash Player that address four vulnerabilities, including a critical issue (CVE-2018-5002) that has been exploited in targeted attacks mainly aimed at entities in the Middle East. The CVE-2018-5002 vulnerability, reported by researchers at […]
Pierluigi Paganini
June 07, 2018
The VPNFilter botnet now targeting new devices from other vendors, including ASUS, D-Link, Huawei, Ubiquiti, UPVEL, and ZTE. The VPNFilter botnet is worse than initially thought, according to a new report published by Cisco Talos Intelligence group, the malicious code is now targeting ASUS, D-Link, Huawei, Ubiquiti, UPVEL, and ZTE “First, we have determined that additional devices are […]
