Pierluigi Paganini
February 04, 2020
Twitter discloses a security incident involving third-parties that exploited its official API to match phone numbers with Twitter usernames. On December 24, 2019 the company discovered that its API were exploited by a large network of fake accounts to match Twitter usernames to phone numbers. The company immediately suspended the involved accounts. “On December 24, 2019 we […]
Pierluigi Paganini
February 04, 2020
Last week NCA arrested six individuals in the United Kingdom because they are suspected to be involved in a Malta cyber-heist and money laundering operation. Britain’s National Crime Agency (NCA) arrested six individuals in the United Kingdom because they are accused to be involved in a cyber-heist of a Malta bank and money laundering operation. […]
Pierluigi Paganini
February 03, 2020
Apple researcher discovered an important vulnerability (CVE-2019-18634) in ‘sudo’ utility that allows non-privileged Linux and macOS users to run commands as Root. Security expert Joe Vennix from Apple has discovered an important vulnerability in ‘sudo‘ utility, tracked as CVE-2019-18634, that allows non-privileged Linux and macOS users to run commands as Root. The issue could be […]
Pierluigi Paganini
February 03, 2020
Cybercriminals are planting so-called “sleepers” in cleaning companies so that they can physically access IT infrastructure and hack them. The alert was launched by a senior police officer, cyber criminals are planting so-called “sleepers” in cleaning companies so that they can gau physical access IT infrastructure and hack them. The police are urging organizations to […]
Pierluigi Paganini
February 03, 2020
Hackers have already compromised more than 2,300 Linear eMerge E3 building access systems exploiting a severe vulnerability that has yet to be fixed. Linear eMerge E3 smart building access systems designed by Nortek Security & Control (NSC) are affected by a severe vulnerability (CVE-2019-7256) that has yet to be fixed and attackers are actively scanning […]
Pierluigi Paganini
February 03, 2020
The Apollon market, one of the largest marketplaces, is likely exit scamming after the administrators have locked vendors’ accounts. The Apollon market, one of the darknet’s largest marketplaces, is likely exit scamming, vendors and customers reported suspicious behavior of its administrators. Users on Reddit are reporting that vendors can’t withdrawal funds nor sign into their […]
Pierluigi Paganini
February 02, 2020
Russia’s Roskomnadzor watchdog wants to fine Facebook and Twitter after they refused to store data of Russian users on servers located in the country. Russia’s telecommunications watchdog Roskomnadzor has instituted administrative proceedings against Facebook and Twitter after they refused to store data of Russian users on servers located in the country. “On January 31, 2020, Roskomnadzor instituted administrative […]
Pierluigi Paganini
February 02, 2020
The popular ProtonMail end-to-end encrypted email service and ProtonVPN VPN service have been blocked by the Russian government this week. This week the Russian government has blocked the ProtonMail end-to-end encrypted email service and ProtonVPN VPN service. Roskomnadzor explained that the services were abused by cybercriminals and that Proton Technologies refused to register them with state authorities. The […]
Pierluigi Paganini
February 02, 2020
Microsoft announced the launch of an Xbox bug bounty program with rewards of up to $20,000 for critical remote code execution flaws. Microsoft is going to launch an Xbox bug bounty program that will pay rewards of up to $20,000 for critical remote code execution vulnerabilities. “The Xbox Bounty Program invites gamers, security researchers, and […]
Pierluigi Paganini
February 02, 2020
An ongoing phishing campaign launched by TA505 is using attachments featuring HTML redirectors for delivering malicious Excel docs Security experts from Microsoft have uncovered an ongoing phishing campaign launched by the TA505 cybercrime gang (aka Evil Corp) that is employing attachments featuring HTML redirectors for delivering malicious Excel docs. According to Microsoft, this is the […]
