Security Affairs

Pierluigi Paganini January 24, 2019
Kaspersky links GreyEnergy and Zebrocy activities

Security experts from Kaspersky Lab’s Industrial Control Systems Cyber Emergency Response Team (ICS CERT) linked the GreyEnergy malware with the Zebrocy backdoor. Security researchers from Kaspersky Lab’s ICS CERT have discovered a link between the GreyEnergy malware and the Zebrocy tool. The activity of the GreyEnergy APT group emerged in concurrence with BlackEnergy operations, experts consider […]

Pierluigi Paganini January 24, 2019
New Russian Language Malspam is delivering Redaman Banking Malware

A spam campaign that has been active in recent months, and is still ongoing, has been distributing the Redaman banking malware. Experts at Palo Alto Networks continue to monitor an ongoing spam campaign that has been distributing the Redaman banking malware. The malware was first observed in the threat landscape in 2015, most of the victims […]

Pierluigi Paganini January 24, 2019
DHS issues emergency Directive to prevent DNS hijacking attacks

DHS has issued a notice of a CISA emergency directive urging federal agencies to improve the security of government-managed domains (i.e. .gov) to prevent DNS hijacking attacks. The notice was issued by the DHS and links to Emergency Directive 19-01, titled “Mitigate DNS Infrastructure Tampering.” “In coordination with government and industry partners, the […]

Pierluigi Paganini January 24, 2019
Expert shares PoC exploit code for remote iOS 12 jailbreak on iPhone X

A researcher published PoC exploit code for critical vulnerabilities that could be chained to implement an iOS jailbreak on iPhone X. The security researcher Qixun Zhao of Qihoo 360’s Vulcan Team has published PoC exploit code for critical vulnerabilities in the Apple Safari web browser and iOS that could be exploited by a remote attacker to jailbreak […]

Pierluigi Paganini January 23, 2019
PHP PEAR official site hacked, tainted package manager distributed for 6 months

The official PHP PEAR site was hacked, and attackers replaced the legitimate version of the package manager with a tainted version over the past 6 months. Bad news for users who have downloaded the PHP PEAR package manager from the official website in the past 6 months, because hackers have replaced it with a tainted version. The PHP Extension and […]

Pierluigi Paganini January 23, 2019
Hacker threatened a family using a Nest Camera to broadcast a fake missile attack alert

Nest recommended that owners of its security cameras use enhanced authentication to avoid being hacked, as happened to a family living in the US. Over the weekend, a family living in California was terrified by a hoax nuclear missile attack. The couple explained to the local media that hackers compromised the Nest security camera they used atop their television and issued a warning of an imminent impact of missiles […]

Pierluigi Paganini January 23, 2019
URLhaus identified and shut down 100,000 malware sites in 10 Months

Security experts participating in the abuse.ch project called URLhaus have identified and shut down roughly 100,000 malware distribution sites. The abuse.ch project called URLhaus was launched in March 2018 to track websites used to spread malware; it involved 265 researchers worldwide. In a 10-month period, 265 security researchers around the world have identified on average 300 malware […]

Pierluigi Paganini January 23, 2019
0patch releases unofficial security patches for 3 Windows flaws yet to be fixed

Researchers from 0patch, a community of experts that aims at addressing software flaws, released unofficial patches for three Windows vulnerabilities that Microsoft has yet to fix. The list of vulnerabilities addressed by 0patch includes a denial-of-service (DoS) bug, a file read issue, and a code execution flaw. “While we’re busy ironing out the wrinkles before […]

Pierluigi Paganini January 22, 2019
Critical flaw in Linux APT package manager could allow remote hack

An expert discovered a remote code execution vulnerability in the APT package manager used by several Linux distributions, including Debian and Ubuntu. The independent security consultant Max Justicz has discovered a remote code execution vulnerability in the APT package manager used by several Linux distributions, including Debian and Ubuntu. The flaw, tracked as CVE-2019-3462, affects package manager version 0.8.15 and later, […]

Pierluigi Paganini January 22, 2019
Did you win at online casinos? Watch out, your data might have been exposed online

Data belonging to online casinos was found exposed online on an unprotected Elasticsearch instance; it includes info on 108 million bets and user details. Data breaches are an ordinary issue; this time an online casino group leaked information about 108 million bets including user details. Leaked data includes personal information and payment card details, including real […]