Breaking News

Pierluigi Paganini April 10, 2017
Researchers warn of a Windows Zero-Day Attack observed in the wild

Security researchers from firms McAfee and FireEye are warning of a Windows zero-day attack in the wild that put Microsoft users at risk of hack. Security researchers from security firms McAfee and FireEye are warning of hackers exploiting a Windows zero-day vulnerability in the wild. Just opening an MS Word document could put you at risk, […]

Pierluigi Paganini April 09, 2017
ATMitch – Crooks stole $800,000 from 8 ATMs in Russia using Fileless Malware

According to Kaspersky Lab, crooks have robbed at least 8 ATMs in Russia and stole $800,000 in just one night using a Fileless malware dubbed ATMitch. According to experts at Kaspersky, hackers have robbed at least 8 ATMs in Russia and stole $800,000 in just one night. The cyber heist caught the attention of security […]

Pierluigi Paganini April 09, 2017
Security Affairs newsletter Round 106 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. First of all, let me inform you that at the #infosec16 SecurityAffairs was awarded as The Best European Personal Security Blog http://securityaffairs.co/wordpress/48202/breaking-news/securityaffairs-best-european-personal-security-blog.html ·      Android Chrysaor spyware went undetected for years ·      UEFI Vulnerabilities allow to fully compromise Gigabyte Mini […]

Pierluigi Paganini April 09, 2017
Millions of mobile phones and laptops potentially exposed to attack leveraging baseband zero-days

The researcher Ralf Weinmann revealed that millions of mobile phones and laptops are potentially exposed to attack leveraging baseband zero-days he discovered. The researcher Ralf-Phillip Weinmann, managing director at security firm Comsecuris, has disclosed a zero-day baseband vulnerability affecting Huawei smartphones, laptop WWAN modules, and IoT components. Baseband is firmware used on smartphones to connect to cellular […]

Pierluigi Paganini April 08, 2017
The Shadow Brokers release more alleged NSA hacking tools and exploits

The Shadow Brokers hacking crew sent a message to President Trump commenting recent political events and released more alleged NSA hacking tools. The Shadow Brokers is the mysterious group that in October 2016 claimed to have stolen a bunch of hacking tools used by the NSA for its operations. At the end of October 2016, the hackers […]

Pierluigi Paganini April 08, 2017
RensenWare ransomware – You will decrypt files only scoring .2 Billion in TH12 Game

The rensenWare ransomware rather than demanding money, it requires the victims to score “over 0.2 billion” playing “TH12 game. Security experts at MalwareHunterTeam have spotted a new ransomware dubbed ‘rensenWare’. The ransomware is very strange, rather than demanding money, it requires the victims to score “over 0.2 billion” playing “TH12 — Undefined Fantastic Object”. The RensenWare […]

Pierluigi Paganini April 08, 2017
Brickerbot botnet, the thingbot that permanently destroys IoT devices

Security researchers have spotted a new threat dubbed Brickerbot botnet that causes permanent damage to Internet of Things (IoT) devices. Months ago we anticipated the possible spike in the number of IoT botnets, at the beginning it was Mirai, but later other dangerous thingbot appeared in the wild such as the Leet Botnet and the Amnesia botnet. Now a […]

Pierluigi Paganini April 08, 2017
Sathurbot botnet, over 20,000 bots launched a distributed WordPress password attack

Experts observed a new threat targeting WordPress install, the Sathurbot botnet attempts to bruteforce WordPress accounts. Once compromised a WordPress website, the Sathurbot botnet uses it to spread the malware. The Sathurbot leverages torrents as a delivery mechanism, once a website is compromised it is used to host fake movie and software torrents. When victims search for […]

Pierluigi Paganini April 07, 2017
WikiLeaks leaked files on the Grasshopper framework, a CIA Tool for creating customized malware installers

Wikileaks published a new batch of 27 documents detailing the Grasshopper framework used by its agents to create custom installers for Windows malware. WikiLeaks continues to disclose documents included in the CIA Vault 7 archive, on Friday published a new batch of 27 documents detailing a framework, dubbed Grasshopper, allegedly used to create custom installers for Windows malware. […]

Pierluigi Paganini April 07, 2017
Vulnerability in Apple Music for Android could be exploited to steal user data

Apple fixed a vulnerability tracked as CVE-2017-2387 in the Apple Music for Android that could allow attackers to launch MitM attacks on the application. The update released Apple for the Apple Music application for Android fixes a certificate validation issue that can be exploited by an attacker to run MitM attacks and intercept user data. […]