Hacking

Pierluigi Paganini August 18, 2020
Critical flaw in Jenkins Server can cause information disclosure

A critical vulnerability in Jenkins server software could result in memory corruption and cause confidential information disclosure. A critical vulnerability in Jenkins server software, tracked as  CVE-2019-17638, could result in memory corruption and cause confidential information disclosure. Jenkins is the most popular open source automation server, it is maintained by CloudBees and the Jenkins community. The […]

Pierluigi Paganini August 17, 2020
Thousands of Canadian government accounts hacked, Treasury Board of Canada Secretariat say

The Treasury Board of Canada Secretariat confirmed that thousands of user accounts for online Canadian government services were recently hacked. According to a press release issued by the Treasury Board of Canada Secretariat, thousands of user accounts for online government services were recently hacked. The hackers targeted the GCKey service with credential stuffing attacks, the service […]

Pierluigi Paganini August 17, 2020
The Australian government wants to respond to attacks on critical infrastructure

The Australian government aims at giving itself the power to manage the response of private enterprises to cyber attacks on critical infrastructure. The Australian government wants to increase the security of critical infrastructure, for this reason, it plans to manage the response of private enterprises to cyber attacks targeting them. According to a Consultation Paper […]

Pierluigi Paganini August 15, 2020
PoC exploit code for two Apache Struts 2 flaws available online

Security researchers have discovered a PoC exploit code available online that can be used to trigger unpatched security flaws in Apache Struts 2. Security researchers have discovered a PoC code and exploit available on GitHub that that can be used to trigger the security vulnerabilities in Apache Struts 2. The Proof-of-concept exploit code was released […]

Pierluigi Paganini August 15, 2020
XCSSET Mac spyware spreads via Xcode Projects

A new Mac malware, tracked as XCSSET, spreads through Xcode projects and exploits two zero-day vulnerabilities, experts warn. XCSSET is a new Mac malware that spreads through Xcode projects and exploits two zero-day vulnerabilities to steal sensitive information from target systems and launch ransomware attacks. The first zero-day issue is used to steal cookies via […]

Pierluigi Paganini August 14, 2020
North Korea’s Lazarus compromised dozens of organizations in Israel

Since January 2020, the North Korea-linked Lazarus APT has successfully compromised dozens of organizations in Israel and other countries. The Israeli defence ministry announced on Wednesday that it had foiled a cyber attack carried out by a foreign threat actor targeting the country’s defence manufacturers. According to the officials, the attack was launched by “an […]

Pierluigi Paganini August 14, 2020
Threat Report Portugal: Q2 2020

The Threat Report Portugal: Q2 2020 compiles data collected on the malicious campaigns that occurred from April to Jun, Q2, of 2020. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática. This feed is based on automatic searches and also has a strong contribution […]

Pierluigi Paganini August 14, 2020
Chinese APT CactusPete targets military and financial orgs in Eastern Europe

China-linked threat actor tracked as CactusPete was employing an updated backdoor in recent attacks targeting military and financial organizations in Eastern Europe. A China-linked APT group, tracked by Kaspersky as CactusPete (aka Karma Panda or Tonto Team), was observed using an updated backdoor in recent attacks targeting military and financial organizations in Eastern Europe. The […]

Pierluigi Paganini August 14, 2020
Threat actor leaked data for U.S. gun exchange site on hacking forum

A threat actor has released the databases of Utah-based gun exchange and hunting sites for free on a cybercrime forum. On August 10th, a hacker has leaked online the databases of Utah-based gun exchange for free on a cybercrime forum. He claims the databases contain 195,000 user records for the utahgunexchange.com, 45,000 records for their video […]

Pierluigi Paganini August 13, 2020
FBI and NSA joint report details APT28’s Linux malware Drovorub

The FBI and NSA issue joint alert related to new Linux malware dubbed Drovorub that has been used by the Russia-linked APT28 group. The FBI and NSA have published a joint security alert containing technical details about a new piece of Linux malware, tracked as Drovorub, allegedly employed by Russia-linked the APT28 group. The name […]