Pierluigi Paganini
May 24, 2020
Researchers have discovered a dump containing 29.1M Indian jobseekers personal details that was offered for free in the hacking underground. Researchers discovered a dump containing 29.1M Indian jobseekers personal details that was offered for free in the hacking underground. An anonymous entity told Cyble researchers that the data were stored on an unprotected elastic search […]
Pierluigi Paganini
May 23, 2020
Experts reported the existence of a botnet, tracked as Silent Night based on the Zeus banking Trojan that is available for sale in several underground forums. This week researchers from Malwarebytes and HYAS published a report that included technical details on a recently discovered botnet, tracked as Silent Night, being distributed via the RIG exploit kit and COVID-19 malspam […]
Pierluigi Paganini
May 23, 2020
Officials revealed that the Florida Unemployment System suffered a data breach that impacted some residents who have made unemployment claims. The Florida Department of Economic Opportunity revealed that the Florida Unemployment System suffered a data breach that impacted some residents who have made unemployment claims. It has notified 98 people that have been impacted by […]
Pierluigi Paganini
May 22, 2020
A severe privilege escalation vulnerability, tracked as CVE-2020-11492, has been addressed in the Windows Docker Desktop Service. Cybersecurity researchers from Pen Test Partners publicly disclosed a privilege escalation vulnerability in the Windows Docker Desktop Service. The CVE-2020-11492 issue affects the way the service uses named pipes when communicating as a client to child processes. “Docker Desktop for […]
Pierluigi Paganini
May 22, 2020
The Winnti hacking group continues to target gaming industry, recently it used a new malware named PipeMon and a new method to achieve persistence. Winnti hacking group is using a new malware dubbed PipeMon and a novel method to achieve persistence in attacks aimed at video game companies. The Winnti group was first spotted by Kaspersky […]
Pierluigi Paganini
May 21, 2020
Santander Consumer Bank, the Belgian branch of the bank, had a misconfiguration in its blog domain that was allowing its files to be indexed. Our new research recently discovered a security issue with Santander, the 5th largest bank in Europe and the 16th largest in the world. This Spanish multinational bank controls approximately $1.4 trillion in […]
Pierluigi Paganini
May 21, 2020
Thousands of Israeli websites have been defaced earlier today, hackers published an anti-Israeli message on their homepage and attempted to implant malicious code. A massive hacking campaign defaced thousands of Israeli websites, attackers published an anti-Israeli message on their homepage and attempted to inject a malware seeking permission to access visitors’ webcams. “Be ready for […]
Pierluigi Paganini
May 21, 2020
Cybersecurity researchers uncovered an Iranian cyber espionage campaign conducted by Chafer APT and aimed at critical infrastructures in Kuwait and Saudi Arabia. Cybersecurity researchers from Bitdefender published a detailed report on an Iranian cyber espionage campaign directed against critical infrastructures in Kuwait and Saudi Arabia. The cyber espionage campaigns were carried out by Iran-linked Chafer […]
Pierluigi Paganini
May 21, 2020
Japan continues to investigate a cyberattack that hit this year Mitsubishi Electric Corp., it suspects a possible leak of data including details of a prototype missile. Japan is still investigating a cyberattack that was disclosed by Mitsubishi Electric Corp. early this year. In January, the company disclosed a security breach that might have exposed personal and confidential corporate data, […]
Pierluigi Paganini
May 20, 2020
VMware has addressed a high-severity remote code execution vulnerability, tracked as CVE-2020-3956, that affects its Cloud Director product. VMware has patched a high-severity remote code execution vulnerability, tracked as CVE-2020-3956, in its Cloud Director product. The vulnerability is a code injection issue that could be exploited by an authenticated attacker to send malicious traffic to […]
