it security news

Pierluigi Paganini April 23, 2020
Microsoft issued Out-of-Band advisory to address Autodesk FBX flaws

Microsoft released an out-of-band advisory to address security vulnerabilities affecting Autodesk FBX vulnerabilities in Office, Office 365, and Paint 3D.  Researchers from Autodesk discovered multiple vulnerabilities that affect the Autodesk FBX software development kit (SDK), the issues could lead to code execution and trigger denial of service conditions.  Microsoft confirmed that the issues in the Autodesk […]

Pierluigi Paganini April 23, 2020
State-sponsored hackers are using COVID-19 lures, Google warns

Google warns that nation-backed hackers are exploiting the COVID-19 pandemic to organizations involved in the fight against the pandemic. Google is warning that nation-state actors are exploiting the COVID-19 (Coronavirus) pandemic to target health care organizations and entities involved in the fight against the pandemic. Google’s Threat Analysis Group (TAG) shared its latest findings related […]

Pierluigi Paganini April 23, 2020
Uptick in RPA Software Adoption Reveals Need for Anti-Hacking Training

With smart-working many companies turn to tools like robotic process automation (RPA software) to help make adjustments on the business processes … is it secure? In response to the Coronavirus pandemic, many companies have adjusted how they do business. As they shift to remote work and establish new policies, some companies find these changes to […]

Pierluigi Paganini April 22, 2020
Hacking Apple iPhones and iPads by sending emails to the victims

Two zero-day flaws in the default mailing app pre-installed on iPhones and iPads allow attackers to hack the devices just by sending emails. Experts at cybersecurity firm ZecOps have discovered two zero-day vulnerabilities in iPhone and iPad devices that have been exploited in a series of attacks that targeted iOS high-profile users since at least January 2018. […]

Pierluigi Paganini April 22, 2020
COVID-19 – Neo-Nazis spread a list of credentials for Gates Foundation, NIH, and WHO employees

Nearly 25,000 email credentials allegedly from NIH, WHO, Gates Foundation and other organizations involved in the containment of COVID-19 pandemic are dumped online While the principal organizations engaged in the fight against COVID-19 are the targets of conspiracy theories, a data dump containing email credentials from the Gates Foundation, World Health Organization (WHO), Center for […]

Pierluigi Paganini April 22, 2020
DoppelPaymer Ransomware hits City of Torrance and demands a 680K+ ransom

The City of Torrance of the Los Angeles metropolitan area, California, is the last victim of the DoppelPaymer Ransomware, hackers also stole its data. On Sunday, the computer systems in the city of Torrance suffered a cyber attack that interrupted access to email accounts and server functions. The City of Torrance is located in the […]

Pierluigi Paganini April 22, 2020
A new Insomnia iOS exploit used to spy on China’s Uyghur minority

Security researchers from Volexity discovered a new Insomnia iOS exploit that was being used to spy on China’s Uyghur minority. The Uyghur group is a Turkic minority ethnic group originating from and culturally affiliated with the general region of Central and East Asia. “The Uyghurs are recognized by the Chinese government only as a regional […]

Pierluigi Paganini April 22, 2020
China-linked Winnti APT targets South Korean Gaming firm

China-linked Winnti cyberespionage group targets South Korean video gaming company Gravity, QuoIntelligence (QuoINT) firm reported. Security experts from QuoIntelligence (QuoINT) firm reported that China-linked Winnti cyberespionage group targets South Korean video gaming company Gravity. The Winnti group was first spotted by Kaspersky in 2013, but according to the researchers the gang has been active since 2007. […]

Pierluigi Paganini April 21, 2020
OpenSSL Project fixed high-severity CVE-2020-1967 DoS issue in OpenSSL

The OpenSSL Project has released a security update for OpenSSL that addresses a DoS vulnerability tracked as CVE-2020-1967. The OpenSSL Project released a security update for OpenSSL that patches a high-severity vulnerability, tracked as CVE-2020-1967, that can be exploited by attackers to launch denial-of-service (DoS) attacks. This is the first issue addressed in OpenSSL in […]

Pierluigi Paganini April 21, 2020
Expert discloses 4 zero-days in IBM Data Risk Manager

A security researcher disclosed details of four zero-day flaws impacting an IBM security product after the IT giant refused to address them. The security researcher Pedro Ribeiro, Director of Research at Agile Information Security, has published details about four zero-day vulnerabilities affecting the IBM Data Risk Manager (IDRM) after the company refused to address the […]