Pierluigi Paganini
May 31, 2019
Researchers at 0patch released a temporary micropatch for the unpatched BearLPE local privilege escalation zero-day flaw in Windows 10. Experts at 0patch released a micropatch to temporary fix a still-unpatched local privilege escalation on systems without rebooting them. The zero-day vulnerability, dubbed BearLPE, was recently disclosed by the security researcher SandboxEscaper. The following video shows how the […]
Pierluigi Paganini
May 31, 2019
Microsoft issued a new warning for users to update their systems to address the remote code execution vulnerability dubbed BlueKeep. Microsoft issued a new warning for users of older Windows OS versions to update their systems in order to patch the remote code execution vulnerability dubbed BlueKeep. The vulnerability, tracked as CVE-2019-0708, impacts the Windows […]
Pierluigi Paganini
May 31, 2019
A security researcher demonstrated how to bypass the Apple macOS Gatekeeper by leveraging trust in network shares. The Italian security researcher Filippo Cavallarin demonstrated how to bypass the macOS Gatekeeper by leveraging trust in network shares. The Apple Gatekeeper is designed to protect OS X users by performing a number of checks before allowing an App to run. […]
Pierluigi Paganini
May 31, 2019
Security experts at Intezer have discovered a new Linux malware tracked as ‘HiddenWasp’ that borrows from Mirai, Azazel malicious codes. HiddenWasp is a new sophisticated Linux malware still undetected by the majority of anti-virus solutions. According to the experts at Intezer, the malware was involved in targeted attacks. “Unlike common Linux malware, HiddenWasp is not […]
Pierluigi Paganini
May 31, 2019
vpnMentor researches have recently discovered that hotel brands managed by The Pyramid Hotel Group have suffered a data leak. vpnMentor experts have discovered that hotel brands managed by The Pyramid Hotel Group, including Marriott, have suffered a data leak, vpnMentor’s research team discovered the unprotected server through port scanning to examine known IP blocks. Researchers […]
Pierluigi Paganini
May 30, 2019
Checkers and Rally’s, one of the largest chains of double drive-thru restaurants in the United States, disclosed a credit card breach. “We recently became aware of a data security issue involving malware at certain Checkers and Rally’s locations.” reads a breach notice published by the company. “After discovering the issue, we quickly engaged leading data […]
Pierluigi Paganini
May 30, 2019
The WordPress plugin Convert Plus is affected by a critical flaw that could be exploited by an unauthenticated attacker to create accounts with administrator privileges. The WordPress plugin Convert Plus is affected by a critical vulnerability that could be exploited by an unauthenticated attacker to create accounts with administrator privileges. A vulnerability ties with the […]
Pierluigi Paganini
May 30, 2019
Chinese Cyber-Spies Target Government Organizations in Middle East Chinese APT group Emissary Panda has been targeting government organizations in two different countries in the Middle East. Experts at Palo Alto Networks reported that the Chinese APT group Emissary Panda (aka APT27, TG-3390, Bronze Union, and Lucky Mouse) has been targeting government organizations in two different […]
Pierluigi Paganini
May 30, 2019
Guardicore Labs uncovered a widespread cryptojacking campaign tracked as Nansh0u and aimed at Windows MS-SQL and PHPMyAdmin servers. Security experts at Guardicore Labs uncovered a widespread cryptojacking campaign leveraging a malware dubbed Nansh0u. The malicious code aimed at Windows MS-SQL and PHPMyAdmin servers worldwide. According to the experts, the malicious campaign is being carried out […]
Pierluigi Paganini
May 29, 2019
The popular white hat hacker Tavis Ormandy has announced the discovery of a code execution vulnerability in Microsoft’s Notepad text editor. The Google Project Zero researcher Tavis Ormandy announced the discovery of a code execution flaw in Microsoft’s Notepad text editor. Ormandy reported the issue to Microsoft and will wait 90 days according to Google vulnerability […]
