Hacking

Pierluigi Paganini May 20, 2020
Israel is suspected to be behind the cyberattack on Iranian port

Israel is likely behind the recent cyberattack which disrupted some operations at Iran’s Shahid Rajaei Port, located near the Strait of Hormuz. A couple of weeks ago, Iranian officials announced that hackers damaged a small number of systems at the port of Shahid Rajaei in the city of Bandar Abbas. Bandar Abbas is the capital of Hormozgān […]

Pierluigi Paganini May 20, 2020
Researchers disclose five Microsoft Windows zero-days

Security experts have disclosed five unpatched vulnerabilities in Microsoft Windows, four of which rated as high-risk severity. Security experts from Trend Micro’s Zero Day Initiative (ZDI) have published information on five unpatched vulnerabilities in Microsoft Windows. Four vulnerabilities are classified as high-risk severity, three of them are zero-day vulnerabilities tracked as CVE-2020-0916, CVE-2020-0986, and CVE-2020-0915. The flaws […]

Pierluigi Paganini May 20, 2020
Three flaws in Nitro Pro PDF reader expose businesses to hack

Two vulnerabilities in the Nitro Pro PDF editor could be exploited by threat actors to execute code remotely on vulnerable hosts. Security experts from Cisco Talos have discovered three vulnerabilities in the Nitro Pro PDF editor, two of which rated as critical (CVSS score of 8.8) could be exploited by attackers for remote code execution. Nitro […]

Pierluigi Paganini May 20, 2020
Security Service of Ukraine arrested the popular hacker Sanix who sold billions of stolen credentials

The Ukrainian Secret Service (SSU) has arrested a hacker known as Sanix, who was selling billions of stolen credentials on hacking forums and Telegram channels. The popular hacker Sanix has been arrested by the Ukrainian Secret Service (SSU). The man is known in the cybercrime underground for selling billions of stolen credentials. The officials did […]

Pierluigi Paganini May 19, 2020
Bluetooth BIAS attack threatens billions of devices

Boffins disclosed a security flaw in Bluetooth, dubbed BIAS, that could potentially be exploited by an attacker to spoof a remotely paired device. Researchers from École Polytechnique Fédérale de Lausanne (EPFL) discovered a vulnerability in Bluetooth, dubbed Bluetooth Impersonation AttackS or BIAS, that could potentially be exploited by an attacker to spoof a remotely paired device. The issue potentially impact […]

Pierluigi Paganini May 19, 2020
Australian product steel producer BlueScope hit by cyberattack

The Australian flat product steel producer BlueScope Steel Limited was hit by a cyberattack that caused disruptions to some of its operations. Australian steel producer BlueScope was recently hit by a cyberattack that disrupted some of its operations. The incident was spotted on Friday at one of its businesses located in the US, but the company did […]

Pierluigi Paganini May 19, 2020
Hackers Target Oil Producers During COVID-19 Slump

Recent research shows that the oil industry — already experiencing difficulties due to COVID-19 — must remain abreast of threats to stay safe from hackers. Spear-phishing is a rapidly emerging threat. It’s more specific than generic phishing attempts and often targets a single person or company. Recent research shows that the oil industry — already […]

Pierluigi Paganini May 19, 2020
Both Mirai and Hoaxcalls IoT botnets target Symantec Web Gateways

Experts from Palo Alto Networks discovered that the Mirai and Hoaxcalls botnets are targeting a vulnerability in legacy Symantec Web Gateways. Palo Alto Networks Unit 42 researchers observed both the Mirai and Hoaxcalls botnets using an exploit for a post-authentication Remote Code Execution vulnerability in legacy Symantec Web Gateways 5.0.2.8. “I recently came across new […]

Pierluigi Paganini May 19, 2020
129 million records of Russian car owners available on the dark web

A hacker is offering for sale on a dark web forum a database containing 129 million records of car owners in Moscow. A hacker is attempting to sell on a dark web forum a database containing 129 million records of car owners in Moscow. As a proof of the authenticity of the data, the hacker […]

Pierluigi Paganini May 18, 2020
Stored XSS in WP Product Review Lite plugin allows for automated takeovers

A critical flaw in the WP Product Review Lite plugin installed on over 40,000 WordPress sites could potentially allow their take over. Attackers could exploit a critical vulnerability in the WP Product Review Lite WordPress plugin to inject malicious code and potentially take over vulnerable websites. The WP Product Review Lite plugin allows site owners to quickly create custom review […]