Pierluigi Paganini
September 18, 2017
Experts at Trend Micro reported malware attacks that leveraged the Hangul Word Processor (HWP) word processing application to target users. It has happened again, attackers leveraged the Hangul Word Processor (HWP) word processing application to target users in South Korea. The application is very popular in South Korea and was exploited in several hacking campaigns against entities in the country. In the […]
Pierluigi Paganini
September 17, 2017
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned 11 entities and Iranian nationals for malicious cyber-enabled activity. The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned 11 entities and individuals for malicious cyber-enabled activity. US Dept. of Treasury announced sanctions against 7 Iranian nationals and security firms […]
Pierluigi Paganini
September 17, 2017
About 400,000 Britons may have had their information stolen following the Equifax data breach, the news was reported by the UK division of the company. More details are emerging from the recent Equifax data breach that impacted approximately 143 million U.S. consumers. The attackers exploited the CVE-2017-5638 Apache Struts vulnerability that was fixed back in March, but the company […]
Pierluigi Paganini
September 17, 2017
Magento released updates for Magento Commerce and Open Source 2.1.9 and 2.0.16 that fixed also a critical remote code execution vulnerability. Magento released updates for Magento Commerce and Open Source 2.1.9 and 2.0.16 that fixed numerous flaws, including a critical remote code execution vulnerability. The remote code execution flaw impacts content management system (CMS) and layouts, it could be […]
Pierluigi Paganini
September 16, 2017
The notorious OurMine hacker crew has claimed responsibility for the breach of the popular video streaming service Vevo. Another clamorous data breach made the headlines again, this time the victim is the popular video streaming service Vevo that was hacked by the popular hacking group OurMine. Vevo is an American multinational video hosting service founded on December 8, 2009, as a joint […]
Pierluigi Paganini
September 16, 2017
The cybersecurity expert Stuart Peck, Director of Cyber Security Strategy, ZeroDayLab, shared its view on the Equifax data breach. For those of you living under a rock this week, Equifax suffered a major breach in their security, which led to over 143 million records being stolen by attackers. The information held by Equifax is highly […]
Pierluigi Paganini
September 16, 2017
It has happened, the information stolen in the recent Equifax data breach is offered for sale on the dark web by crooks, but watch out, they are scammers. Equifax discovered the intrusion on July 29, but only 3 months the agency notified customers the incident (on September 7) that occurred between mid-May and late July. The breach affects […]
Pierluigi Paganini
September 15, 2017
It’s official, the Equifax data breach case was caused by the exploitation of the CVE-2017-5638 Apache Struts vulnerability. The Equifax data breach case was solved, that incident was caused by the exploitation of the CVE-2017-5638 Apache Struts vulnerability. The vulnerability affects the Jakarta Multipart parser upload function in Apache and could be exploited by an […]
Pierluigi Paganini
September 15, 2017
Around 200,000 WordPress websites using the Display Widgets Plugin were impacted after it was updated to include malicious code. According to security firm Wordfence, roughly 200,000 WordPress websites were impacted after a plugin they were using was updated to include a backdoor. “If you have a plugin called “Display Widgets” on your WordPress website, remove it […]
Pierluigi Paganini
September 14, 2017
Experts discovered 4,000 compromised installations on Amazon AWS of open source analytics and search tool Elasticsearch that were running PoS malware. Security researchers from the firm Kromtech have discovered 4,000 compromised instances of open source analytics and search tool Elasticsearch that were running PoS malware. According to Kromtech, this is just a portion of the overall number of compromised […]
Cyber Crime / November 04, 2025
