Security Affairs

Pierluigi Paganini January 02, 2019
Experts analyzed the distribution technique used in a recent Emotet campaign

ESET analyzed the distribution technique used by cyber criminals in a new Emotet campaign that has recently affected various countries in Latin America. In November, experts from ESET uncovered a massive spam campaign that was distributing the Emotet malware. The campaign targeted several users in some Latin American countries and ESET shared details on the propagation used […]

Pierluigi Paganini January 01, 2019
Experts show that it is easy to hack Hardware-based Cryptocurrency Wallets

A team of researchers demonstrated that cryptocurrency wallets Trezor and Ledger are vulnerable to several types of attacks. During the 35c3 conference held in Leipzig, Germany, the researchers Dmitry Nedospasov, Thomas Roth, and Josh Datko demonstrated that cryptocurrency wallets Trezor and Ledger are vulnerable to several types of attacks. The group of researchers presented called “wallet.fail” firmware, […]

Pierluigi Paganini December 31, 2018
EU launches bug bounty programs for 15 software

The European Commission decided to launch its bug bounty initiative, the Free and Open Source Software Audit (FOSSA) project. Bug bounty programs are very important for the security of software and hardware; major tech firms launched their own programs to discover flaws before hackers. The European Commission recognized the importance of bug bounty programs and […]

Pierluigi Paganini December 31, 2018
SandboxEscaper released PoC code for a new Windows zero-day

Security expert SandboxEscaper published proof-of-concept (PoC) code for a new Windows zero-day, the fourth she released this year. The PoC code published by SandboxEscaper overwrites ‘pci.sys’ with information about software and hardware problems, collected through the Windows Error Reporting (WER) event-based feedback infrastructure. SandboxEscaper initially announced the release of the PoC code […]

Pierluigi Paganini December 31, 2018
Malware-based attack hit delivery chain of the major US newspapers

The LA Times revealed that a malware-based attack hit the delivery chain of the major US newspapers, delaying the hardcopy distribution. A malware-based attack originating outside the US hit major US newspapers, delaying their hardcopy distribution. According to the LA Times, the attack was carried out on Saturday; it hit a computer network at Tribune […]

Pierluigi Paganini December 31, 2018
‘Roma225’ campaign targets companies in the Italian automotive sector

‘Roma225’ campaign: The Cybaze-Yoroi ZLab researchers investigated a recent espionage malware implant weaponized to target companies in the Italian automotive sector. The malware was spread through a well-written phishing email trying to impersonate a senior partner of one of the major Brazilian business law firms: “Veirano Advogados”. The malicious email intercepted during the CSDC operations contains […]

Pierluigi Paganini December 30, 2018
Hackers bypassed vein based authentication with a fake hand

A couple of researchers demonstrated how to bypass vein based authentication using a fake hand built from a photo. If you consider vein based authentication totally secure, you have to know that a group of researchers demonstrated the opposite at the Chaos Communication Congress hacking conference. Vein based authentication scans invisible vein pattern (i.e. shape, […]

Pierluigi Paganini December 28, 2018
Personal details of roughly 1000 North Korean defectors leaked in hacking case.

Personal details of roughly 1,000 North Korean defectors living in South Korea have been leaked in a hacking case. Personal details of nearly 1,000 North Korean defectors were leaked as a result of a cyber attack, exposing them to severe threats from Pyongyang. A similar incident has never happened before; the Unification Ministry said that […]

Pierluigi Paganini December 28, 2018
Expert published a PoC exploit code for RCE flaw in Microsoft Edge

The security researcher Bruno Keith from the Phoenhex group published PoC code for a remote code execution flaw in the Microsoft Edge browser (CVE-2018-8629). The vulnerability affects the JavaScript engine Chakra implemented in the Edge web browser; an attacker could exploit it to execute arbitrary code on the target machine with the same privileges as […]

Pierluigi Paganini December 27, 2018
A new Shamoon 3 sample uploaded to VirusTotal from France

A new sample of Shamoon 3 was uploaded on December 23 to the VirusTotal platform from France; it is signed with a Baidu certificate. A new sample of the dreaded Shamoon wiper was uploaded on December 23 to the VirusTotal platform from France. This sample attempts to disguise itself as a system optimization tool developed […]