Hacking

Pierluigi Paganini June 13, 2020
Lamphone: spying on conversations by watching a light bulb in the room

Lamphone – Researchers demonstrated how to spy on secret conversations in a room from a nearby remote location just by measuring the amount of light emitted by a light bulb. A team of academics from Israeli Ben-Gurion University of the Negev and the Weizmann Institute of Science demonstrated how to spy on secret conversations in […]

Pierluigi Paganini June 13, 2020
D-Link releases a security firmware update that only fixes 3 out 6 issues in DIR-865L home routers

D-Link has released a firmware update to address three security flaws impacting the DIR-865L home router model, but left some issue unpatched D-Link has recently released a firmware update to address three out of six security flaws impacting the DIR-865L wireless home router. Below the list of vulnerabilities affecting the D-Link home routers: CVE-2020-13782: Improper […]

Pierluigi Paganini June 13, 2020
COVID-19 themed attacks increase in Brazil, India, and UK

Threat actors continue to use COVID-19 lures, Google is reporting an increase in Coronavirus-themed phishing attempts in Brazil, India, and the UK. While Coronavirus spreads on a global scale, threat actors continues to use COVID-19 lures, in April Google announced that the Gmail malware scanners have blocked around 18 million phishing and malware emails using […]

Pierluigi Paganini June 12, 2020
Gamaredon group uses a new Outlook tool to spread malware

Russia-linked Gamaredon APT use a new module for Microsoft Outlook that creates custom emails with malicious documents and sends them to a victim’s contacts. Reseaerchers from ESET reported that Russia-linked Gamaredon APT has a new tool in its arsenal, it is a module for Microsoft Outlook that creates custom emails with malicious documents and sends […]

Pierluigi Paganini June 12, 2020
Austria’s largest ISP A1 Telekom discloses security breach

A1 Telekom, the leading fixed and mobile network operator in Austria, has admitted to have suffered a security breach, following the revelation of a whistleblower. A1 Telekom Austria is the leading fixed and mobile network operator in Austria, with 5.4 million mobile and 2.3 million fixed-line customers. The company has admitted having suffered a security […]

Pierluigi Paganini June 11, 2020
Microsoft discovers cryptomining campaign targeting Kubeflow tool for Kubernetes clusters

Microsoft’s Azure Security Center (ASC) is warning of a hacking campaign that targets Kubeflow, a machine learning toolkit for Kubernetes. Hackers are targeting Kubeflow servers with administration panel exposed online, Microsoft warns. The tech giant has released a report today detailing a novel series of attacks against Kubeflow, a toolkit for deploying machine learning (ML) […]

Pierluigi Paganini June 11, 2020
Dark Basin, a hack-for-hire group that remained under the radar for 7 years

A hack-for-hire group tracked as Dark Basin targeted thousands of journalists, advocacy groups, and politicians worldwide over 7 years. Researchers from Citizen Lab uncovered the operations of a hack-for-hire group tracked as Dark Basin that targeted thousands of journalists, elected and senior government officials, advocacy groups, and hedge funds worldwide over 7 years. Dark Basin […]

Pierluigi Paganini June 11, 2020
Cisco discloses technical details for Firefox code execution flaw

Cisco Talos experts released technical details on a recently addressed vulnerability in Firefox that could be exploited for code execution. Security experts from Cisco Talos have released technical details on a recently addressed vulnerability in Firefox, tracked as CVE-2020-12405, that could be exploited by attackers for remote code execution. The issue is a use-after-free in SharedWorkerService […]

Pierluigi Paganini June 11, 2020
SMBleed could allow a remote attacker to leak kernel memory

Microsoft addressed a Server Message Block (SMB) protocol issue, named SMBleed, that could allow an attacker to leak kernel memory remotely, without authentication. Recently released Microsoft June 2020 Patch Tuesday updates also address a vulnerability in the Server Message Block (SMB) protocol dubbed SMBleed (CVE-2020-1206) that could allow an attacker to leak kernel memory remotely, without […]

Pierluigi Paganini June 10, 2020
A high-severity flaw affects VMware Workstation, Fusion and vSphere products.

VMware has addressed a high-severity information disclosure vulnerability affecting its Workstation, Fusion and vSphere virtualization products. VMware has addressed a high-severity information disclosure vulnerability, tracked as CVE-2020-3960, that affects its Workstation, Fusion and vSphere virtualization products. The CVE-2020-3960 flaw was discovered by Cfir Cohen, a researcher from Google’s cloud security team. ESXi, Workstation and Fusion […]