Pierluigi Paganini
September 17, 2020
Drupal maintainers addressed several information disclosure and cross-site scripting (XSS) flaws in the popular content management system (CMS). Drupal maintainers addressed several information disclosure and cross-site scripting (XSS) vulnerabilities in the popular content management system (CMS). The most severe issue, tracked as CVE-2020-13668, is a critical reflected XSS issue affecting Drupal 8 and 9. Let’s remind that Drupal uses […]
Pierluigi Paganini
September 17, 2020
A major hospital in Duesseldorf was hit by a cyber attack, a woman who needed urgent admission died after she had to be hijacked to another city. The news is shocking, German authorities revealed that a cyber attack hit a major hospital in Duesseldorf, the Duesseldorf University Clinic, and a woman who needed urgent admission […]
Pierluigi Paganini
September 17, 2020
University Hospital New Jersey (UHNJ) has suffered a ransomware attack, SunCrypt ransomware operators also leaked the data they have stolen. Systems at the University Hospital New Jersey (UHNJ) were encrypted with the SunCrypt ransomware, threat actors also stolen documents from the institution and leaked it online. The incident took place in September. The UHNJ is […]
Pierluigi Paganini
September 17, 2020
US Department of Justice announced indictments against 5 Chinese nationals alleged members of a state-sponsored hacking group known as APT41. The United States Department of Justice this week announced indictments against five Chinese nationals believed to be members of the cyber-espionage group known as APT41 (Winnti, Barium, Wicked Panda and Wicked Spider). US authorities are […]
Pierluigi Paganini
September 16, 2020
The source code of the infamous Cerberus banking Trojan has been released for free on underground hacking forums following a failed auction. The author of the Cerberus banking Trojan has released the source code of the malware on underground hacking forums following a failed auction. In July, the authors of the notorious Cerberus Android banking trojan auctioned […]
Pierluigi Paganini
September 16, 2020
The US National Security Agency (NSA) published guidance on the Unified Extensible Firmware Interface (UEFI) Secure Boot customization. The United States National Security Agency (NSA) has published guidance on how the Unified Extensible Firmware Interface (UEFI) Secure Boot feature that can be customized organizations. The Unified Extensible Firmware Interface (UEFI) is a specification that defines […]
Pierluigi Paganini
September 16, 2020
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a malware analysis report (MAR) that includes technical details about web shells employed by Iranian hackers. A web shell is a code, often written in typical web development programming languages (e.g., ASP, PHP, JSP), that attackers implant on web servers to gain remote access and code […]
Pierluigi Paganini
September 16, 2020
A threat actor is launching brute-force attacks on MSSQL servers in the attempt to access them to install a new crypto-mining malware dubbed MrbMiner. A group of hackers is launching brute-force attacks on MSSQL servers with the intent to compromise them and install crypto-mining malware dubbed MrbMiner. According to security firm Tencent, the team of […]
Pierluigi Paganini
September 15, 2020
Microsoft released the Project OneFuzz, an open-source fuzzing framework for its cloud computing service Azure. Microsoft this week announced the release of the Project OneFuzz which is an open-source fuzzing framework for its cloud computing service Azure. The project was previously used by the IT giant to find vulnerabilities in the popular service. “Today, we’re […]
Pierluigi Paganini
September 15, 2020
Experts warn of a surge in the DDoS attacks against education institutions and the academic industry across the world. While the popularity of online learning is increasing due to the ongoing Coronavirus pandemic, threat actors are launching distributed denial-of-service (DDoS) on education institutions and the academic industry across the world. The DDoS attacks are causing […]
