Pierluigi Paganini
December 16, 2019
NPM, the biggest package manager for JavaScript libraries, has addressed a vulnerability that could be exploited to execute “binary planting” attacks. NPM maintainers have addressed a vulnerability that could allow a package publisher to modify and/or gain access to arbitrary files on a user’s system when the package is installed, so-called “binary planting” attacks. The vulnerability […]
Pierluigi Paganini
December 16, 2019
New evidence suggests that in the recent attack against the systems at the City of New Orleans was used the Ryuk ransomware. Over the weekend, New Orleans officials announced in a press conference that the city was hit by a ransomware attack, the incident was discovered in the morning of December 13, 2019. The IT […]
Pierluigi Paganini
December 15, 2019
From iPhone to NT AUTHORITY\SYSTEM – As promised in my previous post, I will show you how to exploit the “Printconfig” dll with a real world example. But what does Apple’s iPhone have to do with it?? Well, keep on reading… (sorry no) Some time ago, me and my “business partner” @padovah4ck, were looking for possible privileged […]
Pierluigi Paganini
December 15, 2019
Iran telecommunications minister announced that for the second time in a week Iran has foiled a cyber attack against its infrastructure. Iran has foiled a new cyber-attack, the country’s telecommunications minister Mohammad Javad Azari-Jahromi says. A few days ago, the Iranian telecommunications minister Mohammad Javad Azari Jahromi, announced that the Islamic Republic had recently thwarted […]
Pierluigi Paganini
December 15, 2019
The largest hospital in New Jersey announced on Friday that a ransomware attack last week disrupted its network and that it paid a ransom. The largest hospital in New Jersey, the Hackensack Meridian Health, was the victim of a ransomware attack last week that disrupted its network, the IT staff decided to pay the ransom […]
Pierluigi Paganini
December 14, 2019
Rooster Teeth Productions has suffered a data breach that exposed payment card information from shoppers on the company’s online store. The popular production company Rooster Teeth Productions has suffered a data breach, hackers have stolen credit card and other payment data from users that made purchases on the company’s online store. Rooster Teeth Productions, LLC is […]
Pierluigi Paganini
December 13, 2019
Shopin founder charged by SEC for running $42 million scam cryptocurrency ICO The US Securities and Exchange Commission (SEC) has charged the founder of Shopin, Eran Eyal, for allegedly running $42 million scam ICO. The Securities and Exchange Commission today charged a digital-asset entrepreneur and his company with defrauding investors in an initial coin offering (ICO) […]
Pierluigi Paganini
December 13, 2019
WordPress sites running outdated versions of “Ultimate Addons for Beaver Builder,” or “Ultimate Addons for Elementor” plugins are exposed to hack. Security experts from MalCare discovered a critical easy-to-exploit authentication bypass vulnerability in “Ultimate Addons for Beaver Builder,” or “Ultimate Addons for Elementor.” The vulnerability resides in the way the plugins let WordPress account holders, […]
Pierluigi Paganini
December 13, 2019
VISA is warning of ongoing targeted cyber attacks conducted by crooks on point-of-sale (POS) systems of North American fuel dispenser merchants. According to a security alert published by VISA, the PoS systems of North American fuel dispenser merchants are under attack. Visa Payment Fraud Disruption (PFD) reported that at least three attacks took place this summer, crooks […]
Pierluigi Paganini
December 12, 2019
The Microsoft Threat Intelligence Center (MSTIC) warns of GALLIUM threat group targeting global telecommunication providers worldwide. The Microsoft Threat Intelligence Center (MSTIC) warns of GALLIUM threat group targeting global telecommunication providers worldwide. Microsoft experts reported that the GALLIUM hacking group exploits unpatched vulnerabilities to compromise systems running /JBoss application servers. “Microsoft Threat Intelligence Center (MSTIC) is raising […]
