Breaking News

Pierluigi Paganini September 26, 2019
iOS 13 Bug Gives Third-Party Keyboards “Full Access” Permissions

This week, Apple released iOS 13 and iPadOS, now a few days later, the company is warning users of an unpatched security flaw in third-party keyboard apps. Apple has released a security advisory to warn users of an unpatched security bug in iOS 13 that affects third-party keyboard apps. The bug can result in granting […]

Pierluigi Paganini September 26, 2019
Airbus suppliers were hit by four major attack in the last 12 months

Airbus Hit by Series of Cyber Attacks on Suppliers: Security Sources The European multinational aerospace corporation Airbus has been hit by a series of attacks, hackers targeted its suppliers to steal Intellectual property. The European aerospace giant Airbus has been hit by a series of supply chain attacks, threat actors hit its suppliers in the […]

Pierluigi Paganini September 26, 2019
Study shows connections between 2000 malware samples used by Russian APT groups

A joint research from Intezer and Check Point Research shows connections between nearly 2,000 malware samples developed by Russian APT groups. A joint research from Intezer and Check Point Research shed light on Russian hacking ecosystem and reveals connections between nearly 2,000 malware samples developed by Russian APT groups. The report is extremely interesting because gives to the analysts […]

Pierluigi Paganini September 26, 2019
USBsamurai for Dummies: How To Make a Malicious USB Implant & Bypass Air-Gapped Environments for 10$. The Dumb-Proof Guide.

The popular researcher Luca Bongiorni described how to make a malicious USB Implant (USBsamurai) that allows bypassing Air-Gapped environments with 10$. In the previous post, I have talked a bit about USBsamurai based on C-U0007. With this article I wanna bring more light regarding: Which are the differences between C-U0007 & C-U0012 How to Build USBsamurai […]

Pierluigi Paganini September 26, 2019
Emsisoft releases a free decryptor for the WannaCryFake ransomware

Researchers at Emsisoft security firm have released a new free decryption tool for the WannaCryFake ransomware. Good news for the vicitms of the WannaCryFake ransomware, researchers at Emsisoft have released a FREE decryption tool that will allow decrypting their data. WannaCryFake is a piece of ransomware that uses AES-256 to encrypt a victim’s files. The […]

Pierluigi Paganini September 25, 2019
Czech Intelligence ‘s report attributes major cyber attack to China

The Czech Intelligence agency blames China for a major cyber attack that hit a key government institution in the Czech Republic in 2018. According to a report published by the NUKIB Czech National Cyber and Information Security Agency (NUKIB), China carried out a major cyber attack on a key government institution in the Czech Republic […]

Pierluigi Paganini September 25, 2019
Heyyo dating app left its users’ data exposed online

Another day, another embarrassing data leak made the headlines, the online dating app Heyyo left a server exposed on the internet. The online dating app Heyyo left a server exposed on the internet without protection, data were stored on an Elasticsearch instance. The exposed data included personal details, images, location data, phone numbers, and dating […]

Pierluigi Paganini September 25, 2019
US Utilities Targeted with LookBack RAT in a new phishing campaign

Security experts at Proofpoint observed a new wave of phishing attacks aimed at US Utilities in an attempt to deliver the LookBack RAT. Security experts at Proofpoint have discovered a new series of phishing attacks targeting entities US utilities in an attempt to deliver the LookBack RAT. In early August, the expert reported that between […]

Pierluigi Paganini September 25, 2019
Adobe Patches two critical vulnerabilities in ColdFusion

Adobe released security updates to address three severe vulnerabilities in its ColdFusion web application development platform Adobe released ColdFusion 2016 Update 12 and ColdFusion 2018 Update 5 to address three severe vulnerabilities in its ColdFusion web application development platform, two of them have been rated as “critical.” “Adobe has released security updates for ColdFusion versions […]

Pierluigi Paganini September 24, 2019
Hacker discloses details and PoC exploit code for unpatched 0Day in vBulletin

An anonymous hacker disclosed technical details and proof-of-concept exploit code for a critical zero-day remote code execution flaw in vBulletin. vBulletin is one of the most popular forum software, for this reason, the disclosure of a zero-day flaw affecting it could impact a wide audience. More than 100,000 websites online run on top of vBulletin. […]