Breaking News

Pierluigi Paganini June 06, 2019
VMware addressed flaws in its Workstation and Tools

VMware has informed its users that it has patched two high-severity vulnerabilities that affect its Tools and Workstation software. VMware has patched two high-severity flaws that affect its Tools and Workstation software. The first security flaw, tracked as CVE-2019-5522, affects VMware Tools 10.x on Windows. The vulnerability is an out-of-bounds read issue in the vm3dmp driver in […]

Pierluigi Paganini June 06, 2019
Remote code execution flaw in Ministra IPTV Platform exposes user data and more

Researchers at security firm CheckPoint have discovered multiple critical vulnerabilities in a popular IPTV middleware platform. Security experts at CheckPoint have discovered multiple critical flaws in a popular IPTV middleware platform that is used by more than a thousand online media streaming services to manage their millions of subscribers. Ministra TV platform is a PHP-based […]

Pierluigi Paganini June 06, 2019
Cisco disclosed several flaws in Cisco Industrial Network Director

Cisco disclosed several flaws in its CISCO Industrial Network Director product, including a high severity code execution vulnerability. Cisco employees discovered several vulnerabilities in CISCO Industrial Network Director product, including a high severity code execution flaw. The Cisco Industrial Network Director is used to manage industrial networks, it helps operations teams gain full visibility into […]

Pierluigi Paganini June 06, 2019
Platinum APT and leverages steganography to hide C2 communications

The Platinum cyber espionage group uses steganographic technique to hide communications with the Command and Control Servers  (C&C). Experts from Kaspersky have linked the Platinum APT group with cyber attacks involving an elaborate, and new steganographic technique used to hide communications with C2 servers. The APT group was discovered by Microsoft in 2016, it targeted organizations […]

Pierluigi Paganini June 06, 2019
0patch experts released unofficial Patch Available for Recent Windows 10 Task Scheduler Zero-Day

Experts at 0patch released an unofficial patch to address a recently disclosed zero-day vulnerability in Windows 10 Task Scheduler.  Security experts at 0patch released an unofficial patch to address a recently disclosed zero-day vulnerability in Windows 10 Task Scheduler.  A couple of weeks ago, researcher SandboxEscaper released a working exploit for the vulnerability, Like the […]

Pierluigi Paganini June 05, 2019
NSA urges Windows Users and admins to Patch BlueKeep flaw

The National Security Agency (NSA) is urging Windows users and administrators to install security updates to address BlueKeep flaw (aka CVE-2019-0708). Last week Microsoft issued a second security advisory to warn users of older Windows OS versions to update their systems in order to patch the remote code execution vulnerability dubbed BlueKeep. Now the National Security […]

Pierluigi Paganini June 05, 2019
Tens of Million patients impacted by the AMCA data breach

Outsourced silos of personal info raided, at least 200,000 payment details swiped Recovery agency for patient collections American Medical Collection Agency (AMCA) suffered a data breach that could impact many of its customers. American Medical Collection Agency (AMCA) suffered a data breach that could impact many of its customers, the company still hasn’t disclosed details. […]

Pierluigi Paganini June 05, 2019
The Australian National University suffered a major, sophisticated attack

The Australian National University suffered a vast hack carried out by a “sophisticated operator” who gained access to 19 years of sensitive data. The Australian National University was the victim of a vast hack carried out by a “sophisticated operator” who gained access to 19 years of sensitive data. The top Australian university is known […]

Pierluigi Paganini June 05, 2019
Expert developed a MetaSploit module for the BlueKeep flaw

A security expert has developed a Metasploit module to exploit the critical BlueKeep vulnerability and get remote code execution. The security researcher Zǝɹosum0x0 has developed a module for the popular Metasploit penetration testing framework to exploit the critical BlueKeep flaw. The vulnerability, tracked as CVE-2019-0708, impacts the Windows Remote Desktop Services (RDS) and was addressed by Microsoft with May […]

Pierluigi Paganini June 05, 2019
BlackSquid malware uses multiple exploits to drop cryptocurrency miners

A new piece of malware appeared in the threat landscape, dubbed BlackSquid it targets web servers with several exploits to deliver cryptocurrency miners. Security experts at Trend Micro have discovered a new Monero cryptomining miner, dubbed BlackSquid, that is targeting web servers, network drives, and removable drives. The new piece of malware leverages many exploits […]