Security Affairs Archives - Page 930 of 1057

Pierluigi Paganini September 06, 2018

Recently uncovered PowerPool Group used recent Windows Zero-Day exploit

Security experts from ESET observed a treat actor, tracked as PowerPool, exploiting the recently disclosed Windows zero-day flaw in targeted attacks. The vulnerability was publicly disclosed on August 27 by the security expert “@SandboxEscaper,” the researcher also published the exploit code for the vulnerability. The vulnerability affects Microsoft’s Windows operating systems that could be exploited by a […]

Pierluigi Paganini September 06, 2018

Cisco fixes 32 security vulnerabilities in its products, including three critical flaws

Cisco has released thirty security patch advisory to address a total of 32 security vulnerabilities in its products, including three critical flaws. Cisco released thirty security patch advisory to address a total of 32 security vulnerabilities in its products. The good news is that the tech giant is not aware of any exploitation of the addressed vulnerabilities […]

Pierluigi Paganini September 06, 2018

International clothing chain C&A in Brazil suffered a data breach

The clothing chain C&A in Brazil suffered a cyber attack on its gift card/exchange system last week, hackers leaked data on Pastebin. The International fashion retail clothing chain C&A in Brazil suffered a data breach, the company confirmed hackers hit its gift card platform. Hackers accessed to records belonging to customers who purchased gift cards, exposed data includes ID […]

Pierluigi Paganini September 06, 2018

New OilRig APT campaign leverages a new variant of the OopsIE Trojan

The Iran-linked APT group OilRig was recently observed using a new variant of the OopsIE Trojan that implements news evasion capabilities. Experts at Palo Alto Networks observed a new campaign carried out by the Iran-linked APT group OilRig that was leveraging on a new variant of the OopsIE Trojan. The OilRig hacker group is an Iran-linked APT that has been […]

Pierluigi Paganini September 06, 2018

MEGA Chrome browser extension hacked, bogus version stole users’ credentials

The MEGA Chrome browser extension had been hacked and replaced with a one that steals users’ credentials for popular web services Are you using the MEGA Chrome browser extension? Uninstall it now because the Chrome extension for MEGA file storage service had been hacked and replaced with a one that steals users’ credentials for popular […]

Pierluigi Paganini September 05, 2018

Group-IB UncoversAPT- attacks on Banks: The Sound of Silence

Researchers at security firm Group-IB have exposed the attacks carried out by the Silence cybercriminal group, providing details on its tactics and tools. Experts at security firm Group-IB have exposed the attacks committed by Silence cybercriminal group. While the gang had previously targeted Russian banks, Group-IB experts also have discovered evidence of the group’s activity in more than 25 countries worldwide. Group-IB […]

Pierluigi Paganini September 05, 2018

CrowdStrike uncovered a new campaign of GOBLIN PANDA APT aimed at Vietnam

Researchers from security firm CrowdStrike have observed a new campaign associated with the GOBLIN PANDA APT group. Experts from security firm CrowdStrike have uncovered a new campaign associated with the GOBLIN PANDA APT group. The group also knows as Cycldek was first spotted in September 2013, it was mainly targeting entities in Southeast Asia using different malware variants mainly PlugX and […]

Pierluigi Paganini September 05, 2018

An untold story of a memory corruption bug in Skype

Security expert discovered that Skype has a malloc(): memory corruption vulnerability that could be triggered while users share some media/file with someone during a call. Tested on: Linux zero 4.15.0-29-generic #31-Ubuntu SMP Tue Jul 17 15:39:52 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux (Ubuntu 18.04 LTS) Product affected: Skype for linux (skypeforlinux_8.27.0.85_amd64.deb)Steps to reproduce this issue: 1. Open […]

Pierluigi Paganini September 04, 2018

Hackers can easily access 3D printers exposed online for sabotage and espionage

Security researchers at the SANS Internet Storm Center discovered that thousands of 3D printers are exposed online without proper defense. The news is worrisome, thousands of 3D printers are exposed online to remote cyber attacks. According to the experts at SANS Internet Storm Center that scanned the internet for vulnerable 3D printers, a Shodan query has found […]

Pierluigi Paganini September 04, 2018

Experts warn of 7,500+ MikroTik Routers that are hijacking owners’ traffic

The security firm Qihoo 360 Netlab discovered more than 7,500 MikroTik routers that have been compromised to enable Socks4 proxy maliciously Earlier August, experts uncovered a massive crypto jacking campaign that was targeting MikroTik routers to inject a Coinhive cryptocurrency mining script in the web traffic. The campaign started in Brazil, but it is rapidly expanded […]