Pierluigi Paganini
August 29, 2020
Researchers with ETH Zurich have identified vulnerabilities in the implementation of the payment card EMV standard that can allow bypassing PIN verification Researchers David Basin, Ralf Sasse, and Jorge Toro-Pozo from the department of computer science at ETH Zurich discovered multiple vulnerabilities in the implementation of the payment card EMV standard that allow hackers to […]
Pierluigi Paganini
August 28, 2020
A former Cisco employee has pleaded guilty to hacking charges and intentionally causing damage to the systems of his company. The former Cisco employee Sudhish Kasaba Ramesh (30) pleaded guilty in federal court in San Jose today to intentionally accessing a protected computer of his company without authorization and causing damage. The news was announced […]
Pierluigi Paganini
August 28, 2020
The Iran-linked Charming Kitten APT group leveraged on WhatsApp and LinkedIn to carry out phishing attacks, researchers warn. Clearsky security researchers revealed that Iran-linked Charming Kitten APT group is using WhatsApp and LinkedIn to conduct spear-phishing attacks. Iran-linked Charming Kitten group, (aka APT35, Phosphorus, Newscaster, and Ajax Security Team) made the headlines in 2014 when experts at iSight issued a report describing the most elaborate net-based spying […]
Pierluigi Paganini
August 28, 2020
Cisco addressed ten high-risk vulnerabilities in NX-OS software, including some issues that could lead to code execution and privilege escalation. Cisco this week released security patches to address ten high-risk vulnerabilities in NX-OS software, including some flaws that could lead to code execution and privilege escalation. The first issue, tracked as CVE-2020-3517, is a DoS […]
Pierluigi Paganini
August 27, 2020
Group-IB security researchers provide evidence linking three campaigns with the use of various JS-sniffer families. Singapore – Group-IB, a global threat hunting and intelligence company headquartered in Singapore, today released its analytical report “UltraRank: the unexpected twist of a JS-sniffer triple threat.” In its report, Group-IB Threat Intelligence experts provide evidence linking three campaigns with the use of various JavaScript-sniffer families […]
Pierluigi Paganini
August 27, 2020
Experts found an unsecured data bucket containing seven gigabytes worth of unencrypted files that include 350,000,000 strings of unique email addresses. Original post at: https://cybernews.com/security/350-million-email-addresses-left-exposed-on-an-unsecured-server/ The CyberNews research team uncovered an unsecured data bucket owned by an unidentified party, containing seven gigabytes worth of unencrypted files that include 350,000,000 strings of unique email addresses. The massive trove […]
Pierluigi Paganini
August 27, 2020
REvil ransomware operators claimed to have breached another healthcare organization, the victim is Valley Health Systems. During ordinary monitoring activity of data leaks, the Cyble Research Team identified a leak disclosure post published by the REvil ransomware operators claiming to have breached a healthcare organization, the Valley Health Systems. Healthcare organizations are a privileged target of […]
Pierluigi Paganini
August 27, 2020
New Zealand’s stock exchange (NZX) confirmed it was hit by a massive distributed denial of service (DDoS) attack from abroad that knocked it offline two days. New Zealand’s stock exchange (NZX) has been hit by distributed denial-of-service (DDoS) attacks that took it offline for two days, trading activity was interrupted until the connectivity was restored. According […]
Pierluigi Paganini
August 27, 2020
Microsoft addressed vulnerabilities in Microsoft Azure Sphere that could lead to the execution of arbitrary code or to the elevation of privileges. Microsoft has recently addressed some vulnerabilities impacting Microsoft Azure Sphere that could be exploited by attackers to execute arbitrary code or to elevate privileges. Azure Sphere OS adds layers of protection and ongoing security […]
Pierluigi Paganini
August 26, 2020
FBI authorities arrested a Russian national in the U.S. after attempting to recruit an employee at a targeted company to plant a malware. US authorities arrested the Russian national Egor Igorevich Kriuchkov (27) after attempting to recruit an employee at a targeted company to plant a piece of malware. The man was arrested on August […]
