Pierluigi Paganini
December 20, 2019
Wawa convenience store chain disclosed a payment card breach that may have exposed debit and credit card data from thousands of customers. Wawa convenience store chain disclosed a payment card breach, its security team discovered a PoS malware on its payment processing systems. Wawa operates more than 860 convenience retail stores, this breach is potentially […]
Pierluigi Paganini
December 19, 2019
Security researcher Bob Diachenko discovered more than 267 million Facebook user IDs, phone numbers and names in an unsecured database. Security expert Bob Diachenko, along with Comparitech, has discovered more than 267 million Facebook user IDs, phone numbers and names in an unsecured database. The huge trove of data is likely the result of an […]
Pierluigi Paganini
December 19, 2019
The Drupal development team released versions 7.69, 8.7.11 and 8.8.1, which address several vulnerabilities, including a serious file processing issue. Drupal developers have released versions 7.69, 8.7.11 and 8.8.1, which address several vulnerabilities, including a serious file processing issue. The most serious issue is related to the Archive_Tar third-party library, it has been assigned a […]
Pierluigi Paganini
December 19, 2019
The FBI warned one again the holiday travelers about the danger of using free WiFi networks while traveling. Free WiFi networks, such as the ones in the airports and hotel, hide many dangers to the holiday travelers, for this reason, has once again published a new warning. Threat actors could leverage free WiFi networks to […]
Pierluigi Paganini
December 19, 2019
Microsoft issues an out-of-band update to address SharePoint flaw, tracked as CVE-2019-1491, that could be exploited to obtain sensitive information. Microsoft issues an out-of-band update to fix an information disclosure vulnerability in SharePoint server, tracked as CVE-2019-1491, that could be exploited by an attacker to obtain sensitive information. “An information disclosure vulnerability exists in SharePoint […]
Pierluigi Paganini
December 18, 2019
BSI, Germany’s federal cybersecurity agency warns of an active malspam campaign that distributing the infamous Emotet banking Trojan. Germany’s federal cybersecurity agency BSI is warning of an active malspam campaign that aims at distributing the Emotet banking Trojan. The malicious messages camouflaged to look like messages delivered by German federal authorities. According to the BSI, […]
Pierluigi Paganini
December 18, 2019
Security experts recently found notable malware activity affecting devices running Linux that is associated with the Momentum Botnet. Malware researchers from Trend Micro recently observed notable malware activity affecting devices running Linux that is associated with the Momentum Botnet. Experts revealed details on the tools and techniques used by the botnet to compromise Linux devices […]
Pierluigi Paganini
December 18, 2019
Experts discovered that at least 200 companies were the victims of a campaign, dubbed Gangnam Industrial Style, carried out by an advanced persistent threat (APT) group. Experts from the CyberX’s threat intelligence team Section 52 uncovered an ongoing cyberespionage campaign, tracked as Gangnam Industrial Style, that targeted industrial, engineering, and manufacturing organizations, most of them in South […]
Pierluigi Paganini
December 17, 2019
Researchers spotted a new Remote Access Trojan (RAT), dubbed Dacls, that was used by the Lazarus APT group to target both Windows and Linux devices. Experts at Qihoo 360 Netlab revealed that the North-Korea Lazarus APT group used a new Remote Access Trojan (RAT), dubbed Dacls, to target both Windows and Linux devices. The activity […]
Pierluigi Paganini
December 17, 2019
TP-Link has addressed a critical vulnerability impacting some TP-Link Archer routers that could allow attackers to login without passwords. TP-Link addressed a critical zero-day vulnerability (CVE-2017-7405) in its TP-Link Archer routers that could be exploited by attackers to remotely take their control over LAN via a Telnet connection without authentication. “This is a zero-day flaw that was […]
