Breaking News

Pierluigi Paganini April 16, 2019
Adblock Plus filter can be exploited to execute arbitrary code in web pages

Expert discovered an exploit that could allow ad blocking filter list maintainers for the Adblock Plus, AdBlock, and uBlocker browser extensions to craft filters to inject remote scripts into web sites. ad blocking extensions receive in input a list of malicious URLs that prevents the browser from connecting to them. With the release of Adblocker […]

Pierluigi Paganini April 16, 2019
Scranos – A Cross Platform, Rootkit-Enabled Spyware rapidly spreading

Scranos is a powerful cross-platform rootkit-enabled spyware discovered while investigating malware posing as legitimate software like video players, drivers and even anti-virus products. The Scranos rootkit malware was first discovered late last year when experts at Bitdefender were analyzing a new password- and data-stealing operation leveraging around a rootkit driver digitally signed with a stolen […]

Pierluigi Paganini April 16, 2019
Ecuador suffered 40 Million Cyber attacks after the Julian Assange arrest

Ecuador suffered 40 million cyber attacks on websites of public institutions since the arrest of Wikileaks founder Julian Assange. Last week, WikiLeaks founder Julian Assange has been arrested at the Ecuadorian Embassy in London. after Ecuador withdrew asylum after seven years. In response to the arrest acktivist communities launched several attacks against the Ecuador government. […]

Pierluigi Paganini April 16, 2019
CVE-2019-0803 Windows flaw exploited to deliver PowerShell Backdoor

A recently fixed local privilege escalation flaw in windows (CVE-2019-0803) had been exploited by bad actors to deliver PowerShell Backdoor. April 2019 Patch Tuesday security updates addressed a local privilege escalation flaw in Windows operating system, tracked as CVE-2019-0859 that had been exploited by threat actors to deliver a PowerShell backdoor. The flaw could allow […]

Pierluigi Paganini April 15, 2019
Gnosticplayers round 5 – 65 Million+ fresh accounts from 6 security breaches available for sale

The popular hacker Gnosticplayers made the headlines again, he is offering for sale on the dark web the fifth round of hacked accounts. The popular hacker Gnosticplayers is offering for sale on the dark web the fifth round of hacked accounts. Between February and March, the hacker disclosed the existence of some massive unreported data […]

Pierluigi Paganini April 15, 2019
A new DDoS technique abuses HTML5 Hyperlink Audit Ping in massive attacks

Experts at Imperva discovered a new type of large-scale DDoS attack that abuses the HTML5 Ping-based hyperlink auditing feature. Experts at Imperva Vitaly Simonovich and Dima Bekerman observed a large-scale DDoS attack abusing the HTML5 Ping-based hyperlink auditing feature. The DDoS attack peaked at a massive 7,500 requests per second and delivered more than 70 […]

Pierluigi Paganini April 15, 2019
Apache fixed an important RCE flaw in Tomcat application server

The Apache Software Foundation has released new versions of the Tomcat application server that address an important remote code execution vulnerability. The new versions of the Tomcat application server address an important remote code execution vulnerability that could be exploited by a remote attacker to execute malicious code and take control of a vulnerable server. […]

Pierluigi Paganini April 15, 2019
Locked Shields 2019 – Chapeau, France wins Cyber Defence Exercise

Locked Shields 2019 – France wins, the world’s biggest and most advanced international cyber drills organized by NATO Cooperative Cyber Defence Center of Excellence (CCDCOE).  The international live-fire cyber defence exercise Locked Shields 2019(LS19) took place on April 8-12 in Tallinn, Estonia, and the figures behind this important competition are important. Locked Shields 2019 is organised […]

Pierluigi Paganini April 15, 2019
Yellow Pencil WordPress Plugin flaw expose tens of thousands of sites

Thousands of WordPress sites using the Yellow Pencil Plugin were exposed to hacking due to a privilege escalation vulnerability in the plugin. A privilege escalation vulnerability in the Yellow Pencil Visual Theme Customizer plugin exposes WordPress websites to hack. The flaw could be exploited by attackers to update arbitrary options on vulnerable installations. Early this […]

Pierluigi Paganini April 14, 2019
Romanian duo convicted of fraud Scheme infecting 400,000 computers

Two Romanian hackers are convicted of infecting 400,000 computers in the U.S. with malicious code and stole millions of dollars from the victims. Bogdan Nicolescu and Radu Miclaus are convicted of infecting 400,000 computers, most of them in the U.S.. The malware was developed to steal credentials, financial data, personal information, then the crooks offered […]