Security Affairs Archives - Page 980 of 1057

Pierluigi Paganini April 26, 2018

Western Digital MY CLOUD EX2 storage devices leak files

Researchers at Trustwave have discovered that Western Digital My Cloud EX2 storage devices leak files. Security experts at Trustwave have discovered that Western Digital My Cloud EX2 storage devices leak files on a local network by default. The situation gets worse if users configure the device for remote access and expose them online, in this […]

Pierluigi Paganini April 25, 2018

Do Not Disturb app will protect your device from evil maid attacks

Former NSA expert and white hat hacker Patrick Wardle has released an app named Do Not Disturb app that can be used to detect attacks powered by attackers with physical access to the device (so-called “evil maid” attacks). Patrick Wardle app Version 1.0.0 was built explicitly to protect unattended laptops continually monitors the system for events that may […]

Pierluigi Paganini April 25, 2018

Police shut down the biggest DDoS-for-hire service (webstresser.org) and arrested its administrators

The European police have shut down webstresser.org, the world’s biggest DDoS-for-hire service, that allowed crooks to launch over 4 million attacks. An international operation dubbed conducted by the European law enforcement agencies led by the UK’s National Crime Agency (NCA) and the Dutch Police, with the help of Europol, has taken down the world’s biggest DDoS-for-hire […]

Pierluigi Paganini April 25, 2018

Portugal is the 21st country to join the NATO Cyber-Defence Centre

Welcome Portugal, on Tuesday the state joined the NATO Cyber-Defence Centre. The centre has the mission to enhance the capability, cooperation and information sharing among NATO, its member nations and partners in cyber defence. The NATO Cyber-Defence Centre has a new member, on Tuesday Portugal joined the organization. The NATO Cyber-Defence Centre is a multinational and interdisciplinary hub of cyber […]

Pierluigi Paganini April 25, 2018

Expert devised a exploit for a Code Execution vulnerability in NVIDIA Tegra Chipsets

Security researchers Kate Temkin discovered a vulnerability in the NVIDIA Tegra chipsets that could be exploited for the execution of custom code on locked-down devices. The expert devised an exploit, dubbed Fusée Gelée, that leverages a coldboot vulnerability to gain full, unauthenticated arbitrary code execution from an early bootROM context via Tegra Recovery Mode (RCM). The exploitation of […]

Pierluigi Paganini April 24, 2018

SAFERVPN CVE-2018-10308 VULNERABILITY, FROM DOS TO DEANONYMIZATION

Researchers Paulos Yibelo explored a vulnerability he found in SaferVPN Chrome Extension. The vulnerability tracked as CVE-2018-10308 should help malicious actors to retrieve vital information such as IP addresses when a user visits a website. After my last month’s finding in Hotspot Shield, I decided to look at and audit more VPNs to see how […]

Pierluigi Paganini April 24, 2018

BeatCoin – Researchers demonstrate how to steal Cold Wallet Keys from Air-Gapped PCs

Israeli researchers presented their new research named BeatCoin, it is an experiment wherein they demonstrate how to steal private keys for a cryptocurrency wallet installed on cold storage. How to protect cryptocurrency wallets? Many experts will tell you to store them in air-gapped networks, but let me remind you to check if Ben Gurion experts are far from […]

Pierluigi Paganini April 24, 2018

CSE Malware ZLab – Malware Analysis Report: The Bandios malware suite

The researchers at CSE ZLab have spotted a new family of malware, tracked as Bandios malware spreading in the wild. The peculiarity of Bandios malware is the fact that this malware is in a rapid and constant evolution and development. Experts observed several versions of the malware stored on the same websites, they represent the evolution of […]

Pierluigi Paganini April 24, 2018

Kaspersky’s analysis of servers compromised by Energetic Bear shows the APT operates on behalf of others

Kaspersky analyzed the serves compromised by the Energetic Bear APT and assumed with some degree of certainty that the group operates in the interests of or takes orders from customers that are external to it. Security experts at Kaspersky Lab ICS CERT have published a detailed analysis of the server compromised by the notorious Energetic […]

Pierluigi Paganini April 23, 2018

Orangeworm cyber espionage group target Healthcare organizations worldwide

Symantec researchers have monitored the activity of a cyber espionage group tracked as Orangeworm that targets organizations in the healthcare sector. Security experts at Symantec have published a report on the activity of a cyber espionage group tracked as Orangeworm that targets healthcare organizations. “Symantec has identified a previously unknown group called Orangeworm that has […]