Breaking News

Pierluigi Paganini May 04, 2020
Hackers are scanning the internet for vulnerable Salt installs, Ghost blogging platform hacked

Hackers are conducting a mass-scanning the Internet for vulnerable Salt installs that could allow them to hack the organizations, the last victim is the Ghost blogging platform. Experts warn of hacking campaign that is targeting organization using the Salt platform for the management of their infrastructure, the last victim is the Ghost blogging platform. The attackers […]

Pierluigi Paganini May 04, 2020
LineageOS servers hacked, attackers exploited unpatched Salt issues

On Saturday, at around 8 pm (US Pacific coast), hackers have breached the LineageOS servers by exploiting an unpatched vulnerability. On Saturday, at around 8 pm (US Pacific coast), hackers have breached the LineageOS servers by exploiting an unpatched vulnerability. LineageOS is a free and open-source operating system for smartphones, tablet computers, and set-top boxes, […]

Pierluigi Paganini May 03, 2020
India’s Jio Coronavirus symptom checker exposed test results

A security glitch in the self-test coronavirus symptom checker developed by India’s Jio cell network exposed test results. While Coronavirus was spreading worldwide, India’s largest cell network Jio, a subsidiary of Reliance, has developed a coronavirus self-test symptom checker, days before the Indian government imposed a local lockdown to prevent the outbreak. The app was […]

Pierluigi Paganini May 03, 2020
Coronavirus-themed attacks April 26 – May 02, 2020

This post includes the details of the Coronavirus-themed attacks launched from April 26 to May 02, 2020. Please give me your vote for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERShttps://docs.google.com/forms/d/e/1FAIpQLSe8AkYMfAAwJ4JZzYRm8GfsJCDON8q83C9_wu5u10sNAt_CcA/viewform Threat actors exploit the interest in the Coronavirus outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases. Below […]

Pierluigi Paganini May 03, 2020
Security Affairs newsletter Round 262

A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Please give me your vote for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERShttps://docs.google.com/forms/d/e/1FAIpQLSe8AkYMfAAwJ4JZzYRm8GfsJCDON8q83C9_wu5u10sNAt_CcA/viewform Coronavirus-themed attacks April 19 – April 25, 2020 Crooks target US universities with malware used by nation-state actors Hackers exploit SQL injection zero-day […]

Pierluigi Paganini May 03, 2020
Cyber Threats Observatory Gets Improvements

Today I am so happy to announce a big improvement in the cyber threats observatory (available for here). The main improvement sees the introduction of clustering stereotypes for each tracked malware family in three different behaviors: Domains, Files and Processes. Every malware does specific actions on domains, files and processes realms by meaning that every sample contacts several domain names, spawns specific processes and […]

Pierluigi Paganini May 03, 2020
TOKOPEDIA e-commerce hacked, 91 Million accounts available on the darkweb

A hacker has leaked the details of 15 million users registered on Tokopedia, an Indonesian technology company specializing in e-commerce. Tokopedia is an Indonesian technology company specializing in e-commerce, it currently operates Indonesia’s largest online store. The company has over 4200 employees and accounts for over 90 million active users every month. The hacker claims to have […]

Pierluigi Paganini May 02, 2020
TrickBot operators exploit COVID-19 as lures

IBM X-Force researchers spotted a new COVID-19-themed campaign spreading the infamous TrickBot trojan through fake messages. IBM X-Force researchers uncovered a new COVID-19-themed campaign that is spreading the infamous TrickBot trojan through fake messages. The spam messages pretend to be sent by the Department of Labor’s Family and Medical Leave Act (FMLA) and attempt to […]

Pierluigi Paganini May 02, 2020
Fake Microsoft Teams notifications aim at stealing Office365 logins

Phishing attacks impersonating notifications from Microsoft Teams targeted as many as 50,000 Teams users to steal Office365 logins. Abnormal Security experts observed two separate phishing attacks impersonating notifications from Microsoft Teams that targeted as many as 50,000 Teams users to steal Office365 logins. The popularity of Microsoft Teams has spiked as a result of the […]

Pierluigi Paganini May 02, 2020
President Trump’s executive order bans foreign electrical equipment from national power grid

US power grid will not include any equipment manufactured by foreign states for security reasons, this states the executive order signed by President Trump. This week President Trump signed an executive order that prohibits operators of US power grids to buy and install electrical equipment that has been manufactured outside the US. “I further find that […]