Pierluigi Paganini Archives - Page 861 of 1073

Pierluigi Paganini April 23, 2019

Bodybuilding.com forces password reset after a security breach

Bad news for fitness and bodybuilding passionates, the popular online retailer Bodybuilding.com announced that hackers have broken into its systems. The popular online retailer website Bodybuilding.com announced last week that hackers have broken into its systems. The website offers any kind of fitness articles, exercises, workouts, and supplements. The company confirmed it has no evidence […]

Pierluigi Paganini April 23, 2019

FireEye experts found source code for CARBANAK malware on VirusTotal

Cybersecurity researchers from FireEye revealed that the Carbanak source code has been available on VirusTotal for two years, and none noticed it before. Researchers at FireEye discovered that the Carbanak source code has been available on VirusTotal for two years, but it was not noticed before. The Carbanak gang (aka FIN7, Anunak or Cobalt) stole over […]

Pierluigi Paganini April 23, 2019

Iran-linked APT34: Analyzing the webmask project

Security expert Marco Ramilli published the findings of a quick analysis of the webmask project standing behind the DNS attacks implemented by APT34 (aka OilRig and HelixKitten). Thanks to the leaked source code it is now possible to check APT34 implementations and techniques. Contest: Since at least 2014, an Iranian threat group tracked by FireEye as APT34 has […]

Pierluigi Paganini April 23, 2019

EmCare reveals patient and employee data were hacked

EmCare disclosed that a number of employees’ email accounts had been hacked, potentially exposing personal information of patients and employees.EmCare disclosed that a number of employees’ email accounts had been hacked, potentially exposing personal information of patients and employees. US healthcare firm EmCare Inc disclosed that a number of employees’ email accounts had been accessed, […]

Pierluigi Paganini April 22, 2019

jQuery JavaScript library flaw opens the doors for attacks on hundreds of millions of websites

The popular jQuery JavaScript library is affected by a rare prototype pollution vulnerability that could allow attackers to modify a JavaScript object’s prototype. The impact of the issue could be severe considering that the jQuery JavaScript library is currently used on 74 percent of websites online, most sites still use the 1.x and 2.x versions […]

Pierluigi Paganini April 22, 2019

Russian Twitter bot activity increased in the wake Mueller report release

Experts at security firm SafeGuard reported that Russian Twitter bot activity raised up by 286 percent in the wake of the release of the Mueller Report. Experts at security firm SafeGuard reported that Russian Twitter bot activity raised up by 286 percent in the wake of the release of the Mueller Report. Social media platforms […]

Pierluigi Paganini April 22, 2019

Campaign leverages Bit.ly, BlogSpot, and Pastebin to distribute RevengeRAT

Palo Alto Networks Unit 42 researchers uncovered a malicious campaign targeting entities in North America, Europe, Asia, and the Middle East with RevengeRAT. The campaign was carried out during March, threat actors tracked as Aggah” used pages hosted on Bit.ly, BlogSpot, and Pastebin as a command-and-control (C2) infrastructure to distribute the RevengeRAT. Attackers hit organizations […]

Pierluigi Paganini April 22, 2019

A flaw in Shopify API flaw exposed revenue and traffic data of thousands of stores

Researcher discovered a high-severity flaw in Shopify e-commerce platform that could have been abused to expose the traffic and revenue data for the stores. Bug bounty hunter Ayoub Fathi. discovered a vulnerability in a Shopify API endpoint that could be exploited to leak the revenue and traffic data of thousands of stores. The Shopify platform […]

Pierluigi Paganini April 21, 2019

Ride-Hailing Company operating in Iran exposes data of Iranian Drivers

Security researcher discovered a database belonging to a ride-hailing company operating in Iran that was left exposed online containing over 6.7M records. Security researcher Bob Diachenko discovered a database belonging to a ride-hailing company operating in Iran that was left exposed online without protection. The MongoDB instance named ‘doroshke-invoice-production‘ contained over 6.7 million records of […]

Pierluigi Paganini April 21, 2019

Security Affairs newsletter Round 210 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Kindle Edition Paper Copy Once again thank you! Attackers hacked support agent to access Microsoft Outlook email accounts Major coordinated disinformation campaign hit the Lithuanian Defense Romanian duo convicted of fraud Scheme infecting 400,000 computers Security Affairs […]