Pierluigi Paganini
July 31, 2019
Experts warn of a new campaign carried out by threat actors that are wiping Iomega NAS devices exposed online. Security experts are warning of a campaign carried out by attackers that are deleting files on publicly accessible Lenovo Iomega NAS devices. Likely attackers use the Shodan search engine to find unprotected IOmega NAS exposed online […]
Pierluigi Paganini
July 30, 2019
Experts spotted a Java ATM malware that was relying on the XFS (EXtension for Financial Service) API to “jackpot” the infected machine Introduction Recently our attention was caught by a really particular malware sample most probably linked toa recent cybercriminal operation against the banking sector. This piece of malicious code is a so-called ‘ATM malware‘: […]
Pierluigi Paganini
July 30, 2019
Capital One, one of the largest U.S. –card issuer and financial corporation suffered a data breach that exposed personal information from more than 100 million credit applications. A hacker that goes online with the handle “erratic” breached the systems at Capital One and gained access to personal information from 106 million Capital One credit applications. […]
Pierluigi Paganini
July 29, 2019
Security experts at Plugin Vulnerabilities have discovered an authenticated Persistent Cross-Site Scripting (XSS) flaw in Facebook Widget. Researchers at Plugin Vulnerabilities have discovered an authenticated Persistent Cross-Site Scripting (XSS) flaw in the Facebook Widget (Widget for Facebook Page Feeds). The plugin is one of the 1,000 most popular plugins and it was closed on the […]
Pierluigi Paganini
July 29, 2019
One of the most active drug sellers on the Dark Web was charged by law authorities and ordered to forfeit over $4 million in cryptocurrency. The US Department of Justice (DoJ) charged Richard Castro (36) (aka “Chemsusa,” “Chems_usa,” and “Jagger109”) with participating in a conspiracy to distribute carfentanil, fentanyl, and a fentanyl analogue over the […]
Pierluigi Paganini
July 29, 2019
According to experts at Sonicwall, scanning of random ports and the diffusion of encrypted malware are characterizing the threat landscape. In 2018, global malware volume recorded by SonicWall hit a record-breaking 10.52 billion attacks. The situation is better in the first half of 2019, when SonicWall recorded 4.8 billion attacks, a 20% drop compared to […]
Pierluigi Paganini
July 29, 2019
Watch out! Playing a video on Android devices could be a dangerous operation due to a critical CVE-2019-2107 RCE flaw in Android OS between version 7.0 and 9.0. Playing a specially-crafted video on devices with the Android’s native video player application could allow attackers to compromise them due to a dangerous critical remote code execution […]
Pierluigi Paganini
July 28, 2019
Over the weekend, Jessica Alba’s Twitter account was hacked, the miscreants posted homophobic, racist and Nazi-sympathizing messages. On Saturday evening, miscreants hacked the Twitter account of the actress Jessica Alba and posted hateful, homophobic, and racist messages that remained live for hours. One of the messages posted by the hackers reads “Nazi Germany Did Nothing […]
Pierluigi Paganini
July 28, 2019
Experts at Trustwave observed threat actors using a rare technique to compromise fully patched websites. Security experts at Trustwave observed threat actors using a rare steganography technique, attackers are hiding PHP scripts in Exchangeable Image Format (EXIF) headers of JPEG images that are uploaded on the website. The Exchangeable image file format is a standard […]
Pierluigi Paganini
July 28, 2019
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Kindle Edition Paper Copy Once again thank you! Emsisoft releases a second decryptor in a few days, this time for ZeroFucks ransomware Hackers breach 62 US colleges by allegedly exploiting Ellucian Banner Web flaw Twitter account of […]
APT / February 05, 2026
