Breaking News

Pierluigi Paganini November 23, 2020
VMware discloses critical zero-day CVE-2020-4006 in Workspace One

VMware discloses a critical zero-day vulnerability (CVE-2020-4006) in multiple VMware Workspace One components and released a workaround to address it. VMware has released a workaround to address a critical zero-day vulnerability, tracked as CVE-2020-4006, that affects multiple VMware Workspace One components. The flaw could be exploited by attackers to execute commands on the host Linux […]

Pierluigi Paganini November 23, 2020
Computer Security and Data Privacy, the perfect alliance

Computer security and data privacy are often poorly considered issues, experts urge more awareness of cyber threats. Computer security and data privacy are often poorly considered issues until incidents occur and unfortunately sometimes even the very seriousness of the events, understood as virtual happenings, is not adequately perceived. An injection of digital culture is needed […]

Pierluigi Paganini November 23, 2020
Researchers show how to steal a Tesla Model X in a few minutes

Boffins have demonstrated how to steal a Tesla Model X in a few minutes by exploiting vulnerabilities in the car’s keyless entry system. A team of researchers from the Computer Security and Industrial Cryptography (COSIC) group at the KU Leuven University in Belgium has demonstrated how to steal a Tesla Model X in minutes by […]

Pierluigi Paganini November 23, 2020
TikTok fixed security issues that could have led one-click account takeover

TikTok has addressed a couple of security issues that could have been chained to led account takeover.  The first issue addressed by the social media platform is a reflected XSS security flaw that has been reported by the bug bounty hunter Muhammed “milly” Taskiran via the bug bounty platform HackerOne. The Cross-Site-Scripting flaw affected the company […]

Pierluigi Paganini November 23, 2020
VMware fixed SD-WAN flaws that could allow hackers to target enterprise networks

VMware addressed six vulnerabilities in its SD-WAN Orchestrator product that can potentially expose enterprise networks to hack. VMware last week addressed six vulnerabilities (CVE-2020-3984, CVE-2020-3985, CVE-2020-4000, CVE-2020-4001, CVE-2020-4002, CVE-2020-4003) in its SD-WAN Orchestrator product, including some issues that can be chained by an attacker to hijack traffic or shut down an enterprise network. The following […]

Pierluigi Paganini November 23, 2020
FBI issued an alert on Ragnar Locker ransomware activity

The U.S. FBI is warning private industry partners of a surge in Ragnar Locker ransomware activity following a confirmed attack from April 2020. The U.S. Federal Bureau of Investigation (FBI) issued a flash alert (MU-000140-MW) to warn private industry partners of an increase of the Ragnar Locker ransomware activity following a confirmed attack from April […]

Pierluigi Paganini November 23, 2020
Massive threat campaign strikes open-source repos, Sonatype spots new CursedGrabber malware

Sonatype’s deep dive research allowed to identify a new family of Discord malware called CursedGrabber. Sonatype has discovered more malware in the npm registry which, following our analysis and multiple cyber threat intelligence reports, has led to the discovery of a novel and large scale malware campaign leveraging the open-source ecosystem. The malware called “xpc.js” […]

Pierluigi Paganini November 22, 2020
Threat actor shared a list of 49,577 IPs vulnerable Fortinet VPNs

A threat actor has published online a list of one-line exploits to steal VPN credentials from over 49,000 vulnerable Fortinet VPNs. A threat actor, who goes online with the moniker “pumpedkicks,” has leaked online a list of exploits that could be exploited to steal VPN credentials from almost 50,000 Fortinet VPN devices. Researchers from Bank Security first […]

Pierluigi Paganini November 22, 2020
Hundreds of female sports stars and celebrities have their naked photos and videos leaked online

Hackers have stolen naked photos and videos from hundreds of female sports stars and celebrities and leaked them online. Threat actors have stolen naked photos and videos from hundreds of female sports stars and celebrities and leaked them online. The attack took place in the same hours as hackers hit Manchester United and brings us back […]

Pierluigi Paganini November 22, 2020
Romanians arrested for running underground malware services

Two Romanians arrested for running three malware services Two Romanians have been arrested for running two malware crypter services called CyberSeal and DataProtector, and the CyberScan malware testing service. Romanian police forces have arrested this week two individuals suspected of running two malware crypter services called CyberSeal and DataProtector, and a malware testing service called […]