Security Affairs

Pierluigi Paganini January 13, 2020
Facebook quickly fixed a bug exploited in attacks that exposed Page Admins info

Facebook addressed last week a security flaw that exposed page admin accounts, the bug was exploited against several high-profile pages. Last week Facebook has addressed a security issue that exposed page admin accounts, the bug was exploited in attacks in the wild against several high-profile pages. The page admin accounts are anonymous unless the Page […]

Pierluigi Paganini January 13, 2020
Hacker that hit UK National Lottery in 2016 was sentenced to prison

The alleged hacker behind the credential stuffing attacks on UK National Lottery accounts has been sentenced to nine months in prison. Anwar Batson (29) of London has been sentenced to nine months in prison for fraud and four violations under the Computer Misuse Act of 1990. The sentence was announced by the UK’s National Crime Agency […]

Pierluigi Paganini January 13, 2020
5G – The Future of Security and Privacy in Smart Cities

5G technology is here, it is the right time to discuss security and privacy in smart cities and their possible evolution. After a long talk and eagerly waiting, finally, 5G technology is here. The 5G tech is fast – really fast, and now, ‘true’ smart cities are just about time to turn into reality. But […]

Pierluigi Paganini January 13, 2020
Maze Ransomware operators leak 14GB of files stolen from Southwire

The Maze ransomware gang has released 14GB of files that they claim were stolen from one of its victims, the Southwire cable manufacturer. The victims of the Maze Ransomware are facing another risk, after having their data encrypted now crooks are threatening to publish their data online. The Maze ransomware also implements data harvesting capabilities, […]

Pierluigi Paganini January 11, 2020
PoC exploits for Citrix ADC and Gateway CVE-2019-19781 flaw released online

Experts announced the availability online of proof-of-concept exploit code for CVE-2019-19781 flaw in Citrix NetScaler ADC and Citrix NetScaler Gateway servers. While security researchers were warning of ongoing scans for Citrix Application Delivery Controller (NetScaler ADC) and Citrix Gateway (NetScaler Gateway) servers affected by the CVE-2019-19781 vulnerability, many experts are announcing the availability online of proof-of-concept exploit […]

Pierluigi Paganini January 10, 2020
Two MageCart groups competed to steal credit cards data from Perricone MD ‘s European skincare sites

Two MageCart groups have planted software skimmers on multiple European websites for the Perricone MD anti-aging skincare Two distinct MageCart groups have compromised multiple European websites for the Perricone MD anti-aging skin-care brand with the intent of stealing customer payment card info. The two groups planted software skimmers on Perricone MD websites in Italy, Germany, […]

Pierluigi Paganini January 09, 2020
Experts warn of ongoing scans for Citrix servers affected by CVE-2019-19781

Threat actors are probing Citrix servers in the attempt to exploit the CVE-2019-19781 remote code execution vulnerability. Security researchers are warning of ongoing scans for Citrix Application Delivery Controller (NetScaler ADC) and Citrix Gateway (NetScaler Gateway) servers affected by the CVE-2019-19781 vulnerabilities. The anomalous activities were detected last week, as reported by the popular expert Kevin […]

Pierluigi Paganini January 09, 2020
TrickBot gangs developed the PowerTrick backdoor for high-value targets

Researchers at SentinelLabs reported that TrickBot operators used a new PowerShell backdoor in recent attacks aimed at high-value targets. SentinelLabs experts discovered a new PowerShell backdoor used by TrickBot operators in recent attacks aimed at Powershell high-value targets, such as financial institutions. TrickBot is a popular banking Trojan that has been around since October 2016, its […]

Pierluigi Paganini January 09, 2020
Interpol: Goldfish Alpha operation reduces cryptojacking by 78%

An operation coordinated by Interpol, dubbed Goldfish Alpha, dismantled an illegal cryptocurrency network operating in Southeast Asia Interpol announced that it has coordinated a successful international operation aimed at removing cryptocurrency miners that infected routers located in Southeast Asia. The operation sees the contribution of Trend Micro, law enforcement and CERTs from ASEAN countries, including […]

Pierluigi Paganini January 09, 2020
Mozilla addresses CVE-2019-17026 Firefox Zero-Day exploited in targeted attacks

Mozilla has released security updates for Firefox browser that address a zero-day flaw (CVE-2019-17026) that has been exploited in targeted attacks. Mozilla has released security updates to address a critical Firefox browser zero-day issue (CVE-2019-17026) that has been exploited in targeted attacks. The CVE-2019-17026 flaw is an “IonMonkey type confusion with StoreElementHole and FallibleStoreElement,” where IonMonkey is the […]