Breaking News

Pierluigi Paganini July 03, 2017
Severe flaws found in German e-Government OSCI 1.2 Communication Library

Security researchers at SEC-Consult found severe vulnerabilities in the German e-government Communication Library OSCI (Online Services Computer Interface). According to the experts at SEC-Consult, the German e-government system OSCI (Online Services Computer Interface) is open to padding oracle attacks and other vulnerabilities due to the use of an insecure communications protocol. The researchers at SEC Consult found severe vulnerabilities […]

Pierluigi Paganini July 03, 2017
Telegram agrees to register in Russia, but it will not share private data

Telegram agrees to register with Russia authorities to avoid the local ban, but the battle is still ongoing because it won’t share user data. The Russian Government threatened to ban Telegram because it refused to comply data protection laws. “There is one demand, and it is simple: to fill in a form with information on […]

Pierluigi Paganini July 03, 2017
The NotPetya ransomware is a Brick Through Your Windows

The recent global outbreak of the “NotPetya” malware has some very curious features that have left security officials puzzled. Despite the press coverage, NotPetya is not really a ransomware attack to hold your data hostage. It’s a killbot. Several information security specialists have pointed a finger directly at Moscow; citing circumstantial evidence the source of […]

Pierluigi Paganini July 02, 2017
US-CERT published an alert on the last variant of Petya ransomware, including countermeasures

The Department of Homeland Security’s (DHS) US Computer Emergency Readiness Team (US-CERT) published the Alert (TA17-181A) on the Petya Ransomware. The US-CERT urges organizations of updating their software and avoiding use unsupported applications and OSs. The US-CERT confirmed it has received multiple reports of Petya ransomware infections related the recent massive attack. The ransomware leverages the ETERNALBLUE […]

Pierluigi Paganini July 02, 2017
Security Affairs newsletter Round 117 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. ·      SamSam ransomware attacks increase and crooks demand higher ransom ·      Security Affairs newsletter Round 116 – News of the week ·      UK Parliament shut down external access to email accounts after cyberattack ·      Company fired an […]

Pierluigi Paganini July 02, 2017
FBI hacked a US Darknet shopper who tried to purchase Mail Bomb

The FBI hacked the system of a dark web user who tried to purchase a mail bomb from an undercover investigator in the US. According to a plea agreement, filed on April 28, 2017, Clinton Scott Bass of Georgia (US) tried in a first time to purchase a car bomb. The man, who was using […]

Pierluigi Paganini July 02, 2017
NATO CCD COE attributed the massive NotPetya attack to a ‘state actor’ and call for a joint investigation

NATO attributed the massive NotPetya attack to a ‘state actor,’ NotPetya and WannaCry Call for a Joint Response from International Community. According to NATO CCD COE, the recent massive attack based on NotPetya ransomware was powered by a “state actor.” The malware infected over 12,000 devices in around 65 countries, the malicious code hit major […]

Pierluigi Paganini July 01, 2017
SQL Injection flaw in WordPress Plugin WP Statistics potentially exposed 300,000+ Sites

Security experts at Sucuri have discovered a SQL Injection vulnerability in WP Statistics, one of the most popular WordPress plugins. Security experts at Sucuri have discovered a SQL Injection vulnerability in WP Statistics, one of the most popular WordPress plugins, that is currently installed on over 300,000 websites. The SQL Injection vulnerability in WP Statistics could be exploited by […]

Pierluigi Paganini July 01, 2017
Wikileaks – CIA developed OutlawCountry Malware to hack Linux systems

WikiLeaks released a new batch of documents that detail the CIA tool OutlawCountry used to remotely spy on computers running Linux operating systems. WikiLeaks has released a new batch of documents from the Vault 7 leak that details a CIA tool, dubbed OutlawCountry, used by the agency to remotely spy on computers running Linux operating systems. According to the […]

Pierluigi Paganini July 01, 2017
Researcher released Eternal Blues, a free EternalBlue vulnerability scanner

The security researcher Elad Erez developed Eternal Blues, a free EternalBlue vulnerability scanner that could be used to assess networks. Now systems administrators and hackers have a new free tool, dubbed Eternal Blues, to scan networks looking at computers vulnerable to the NSA EternalBlue exploit. EternalBlue is one of the hacking tools that the ShadowBrokers hacker group stolen to the NSA-linked […]