Hacking

Pierluigi Paganini July 03, 2018
Microsoft revealed that 2 Zero-Days found in March were part of a cyber weapon in an early development stage

Microsoft published technical details of 2 zero-days that have been recently discovered after someone uploaded a weaponized PDF file to VirusTotal. Security researchers from Microsoft have published technical details of two zero-day vulnerabilities that have been recently discovered after someone uploaded a weaponized PDF file to VirusTotal. The two issues were addressed by Microsoft with […]

Pierluigi Paganini July 02, 2018
Trezor users targeted by phishing attacks, experts blame DNS Poisoning or BGP Hijacking

The maintainers of the Trezor multi-cryptocurrency wallet service reported a phishing attack against some of its users that occurred during the weekend. I had some issues yesterday, when accessing your site. It seems to be related with DNS. Is https://t.co/wGje8x5lRN legit? — Carsten 🇹🇭 ⚡ (@CarstenBKK) July 1, 2018 The attack appears more complex respect […]

Pierluigi Paganini July 02, 2018
A sample of CryptoCurrency Clipboard Hijackers monitors 2.3 Million Bitcoin addresses

A sample of CryptoCurrency Clipboard Hijackers discovered this week by BleepingComputer monitors for more than 2.3 million addresses. Almost any people that have to send cryptocurrency coins use to copy the recipient wallet address into memory from one application and use it to make the transaction. Crooks’ interest in cryptocurrency continues to grow and new malware was specifically […]

Pierluigi Paganini July 01, 2018
Zerodium offers up to $500,000 for Linux Zero-Day exploits

The sale of Zero-day exploits is a prolific business, zero-day broker Zerodium offers rewards of up to $500,000 FreeBSD, OpenBSD, NetBSD, Linux Zero-Days. The sale of Zero-day exploits is a prolific business that most people totally ignore, to better understand its evolution let’s analyze together the offer of the popular exploit broker Zerodium. To have […]

Pierluigi Paganini July 01, 2018
Security Affairs newsletter Round 169 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! ·      A hacker devised a method to unlock […]

Pierluigi Paganini July 01, 2018
Security issues in the LTE standard expose billions on mobile users to attacks

Security issues in the LTE mobile device standard could be exploited by persistent attackers to spy on users’ cellular networks and hijack data traffic. A team of from Ruhr-Universität Bochum and New York University Abu Dhabi has discovered some security issues in the LTE mobile device standard that could be exploited by persistent attackers (i.e. intelligence […]

Pierluigi Paganini June 30, 2018
The popular online survey software Typeform suffered a security breach

Typeform, the popular online survey platform, has suffered a data breach that exposed partial data of some users, no payment card data was stolen. Typeform, the popular online survey platform, is the last victim of a data breach. Typeform software is widely adopted by businesses worldwide to easily arrange surveys, it allows easy creation of […]

Pierluigi Paganini June 29, 2018
Adidas warns US consumers of a potential security breach

The sportswear company Adidas announced that it has launched an investigation after learning of a potential security breach that could impact millions of its US customers. Adidas published a security alert to warn that hackers may have stolen customer data from its US website. The German sportswear company confirmed that attackers may have had unauthorized access to […]

Pierluigi Paganini June 29, 2018
Hackers compromised Gentoo Linux GitHub Page and planted a malicious code

The development team of the Gentoo Linux distribution notifies users that hackers compromised one of the GitHub accounts and planted a malicious code. Developers of the Gentoo Linux distribution announced that hackers compromised one of the GitHub accounts used by the organization and planted a malicious code. “Today 28 June at approximately 20:20 UTC unknown […]

Pierluigi Paganini June 29, 2018
Ticketmaster suffered a data breach and blamed a third-party provider over the incident

The entertainment ticketing service Ticketmaster announced it has suffered a data breach that exposed personal and payment customer information. Hackers accessed name, address, email address, telephone number, payment details and Ticketmaster login details of company customers. According to the company, attackers installed a malicious code on customer support product hosted by Inbenta Technologies, an external […]