Breaking News

Pierluigi Paganini February 18, 2020
Unsigned Firmware running on peripherals could expose Windows, Linux systems to hack

Peripheral devices with unsigned firmware can expose Windows and Linux machines to hack, warn experts from firmware security firm Eclypsium. Experts at firmware security firm Eclypsium have discovered that many peripheral device manufacturers have not implemented security checks to prevent the installation of firmware from an untrusted source. An attacker could exploit the lack of […]

Pierluigi Paganini February 18, 2020
CVE-2019-0604 SharePoint Remote code execution (RCE) vulnerability

A security expert found a flaw in SharePoint that could be exploited to remotely execute arbitrary code by sending a specially crafted SharePoint application package. Summary:A few days ago I saw a post from Alienvault which says attackers are still exploiting SharePoint vulnerability to attack Middle East government organization. Having said that I found Income Tax Department […]

Pierluigi Paganini February 18, 2020
Flaw in WordPress ThemeGrill Demo Importer WordPress theme plugin expose 200K+ sites to hack

A serious flaw in the ThemeGrill Demo Importer WordPress theme plugin with over 200,000 active installs can be exploited to wipe sites and gain admin access to the site. Experts from the security firm WebARX have discovered a serious flaw in the WordPress theme plugin ThemeGrill Demo Importer with over 200,000 active installs. The vulnerability […]

Pierluigi Paganini February 17, 2020
FC Barcelona and the International Olympic Committee Twitter accounts hacked

The popular hacker group OurMine has hacked the official Twitter account of the FC Barcelona, along with the accounts of Olympics and the International Olympic Committee (IOC). The popular hacker group has hacked the official Twitter account of the FC Barcelona, along with the accounts of and the International Olympic Committee (IOC). On Saturday, the […]

Pierluigi Paganini February 17, 2020
Russian govn blocked Tutanota service in Russia to stop encrypted communication

Tutanota, the popular free and open-source end-to-end encrypted email software, has been blocked by Russian authorities. The popular free and open-source end-to-end encrypted email service Tutanota has been blocked in Russia on Friday evening. Since early February, the Russian government has blocked other encrypted email and VPN services in Russia, including ProtonMail and ProtonVPN VPN service. Tutanota is listed in the registry of blocked […]

Pierluigi Paganini February 17, 2020
Launching the First “Yomi Hunting” Challenge!

About a year ago, Yoroi released the Yomi Hunter sandbox, today, they love to challenge the malware community with the first “Yomi Hunting” contest. About a year ago, we publicly released the Yomi Hunter sandbox for a few simple reasons: in Yoroi we believe in the InfoSec community value, we think it plays a central […]

Pierluigi Paganini February 17, 2020
Cyberwarfare: A deep dive into the latest Gamaredon Espionage Campaign

Security experts from Yoroy-Cybaze ZLab have conducted a detailed analysis of an implant used by the Gamaredon APT group in a recent campaign. Introduction  Gamaredon Group is a Cyber Espionage persistent operation attributed to Russians FSB (Federal Security Service) in a long-term military and geo-political confrontation against the Ukrainian government and more in general against […]

Pierluigi Paganini February 17, 2020
IDF soldiers tricked into installing malicious apps by Hamas operatives posing as attractive women

Israeli Force (IDF) announced it has thwarted an attempt by the Hamas militant group to hack soldiers’ phones by posing as attractive women on social media. Israeli Defence Force (IDF) announced it has thwarted an attempt by the Hamas militant group to hack soldiers’ mobile devices by posing as attractive women on social media and […]

Pierluigi Paganini February 17, 2020
Fox Kitten Campaign – Iranian hackers exploit 1-day VPN flaws in attacks

Iranian hackers have been hacking VPN servers to plant backdoors in companies around the world Iran-linked attackers targeted Pulse Secure, Fortinet, Palo Alto Networks, and Citrix VPNs to hack into large companies as part of the Fox Kitten Campaign. During the last quarter of 2019, experts from security firm ClearSky uncovered a hacking campaign tracked […]

Pierluigi Paganini February 16, 2020
US administration requests $9.8B for cyber 2021 budget for the Department of Defense

The US administration requested $9.8 billion for cyber in next year’s budget for the Department of Defense, the amount is the same as last year. The US administration requested $9.8 billion for cyber operations in next year’s budget for the Department of Defense, a data that confirms the strategic importance of the fifth domain of […]