Breaking News

Pierluigi Paganini April 07, 2019
Rockwell Automation fixes multiple DoS flaws in Stratix Switch introduced by Cisco Software

Rockwell Automation released updates for Allen-Bradley Stratix industrial switches that address several DoS flaws introduced by Cisco software. Rockwell Automation released security updates that address several DoS vulnerabilities in its Allen-Bradley Stratix industrial switches introduced by Cisco software. ICS-CERT and Rockwell Automation published three separate advisories to warn of the effects of the vulnerabilities introduced […]

Pierluigi Paganini April 07, 2019
DNS hijacking campaigns target Gmail, Netflix, and PayPal users

Security experts at Bad Packets uncovered a DNS hijacking campaign that is targeting the users of popular online services, including Gmail, Netflix, and PayPal. Experts at Bad Packets uncovered a DNS hijacking campaign that has been ongoing for the past three months, attackers are targeting the users of popular online services, including Gmail, Netflix, and […]

Pierluigi Paganini April 06, 2019
FIN6 group starts using LockerGoga and Ryuk Ransomware

Security experts at FireEye observed the financially motivated group FIN6 adding the LockerGoga and Ryuk ransomware to its arsenal. According to cybersecurity experts at FireEye, the FIN6 cybercrime group is diversifying its activities and added LockerGoga and Ryuk ransomware to its arsenal. Previous attacks conducted by the FIN6 group aimed at compromising point-of-sale (PoS) systems, […]

Pierluigi Paganini April 06, 2019
DoS flaw in several MikroTik Routers exploited in attacks

A vulnerability could be exploited by attackers to trigger a denial-of-service (DoS) condition on devices running RouterOS. MikroTik routers made the headlines again, the company disclosed this week technical details about a year-old vulnerability that exposes the device to remote attacks. Attackers could exploit the vulnerability to trigger a denial-of-service (DoS) condition on devices running […]

Pierluigi Paganini April 06, 2019
Magento Attacked Through Card Skimming Exploit

Currently of 300,000+ Magento stores, the vast majority of the installs is still running vulnerable versions of the popular content management system. The problem with patches is that sometimes they fix something and sometimes they break something. Sounds strange, right? Well, let us explain ourselves. See, PRODSECBUG-2198 is a security patch for Magento that fixes […]

Pierluigi Paganini April 05, 2019
Hackers can add, remove cancer and other illnesses from Computer Tomography scans

Researchers demonstrated that hackers can modify 3D Computer Tomography scans to add or remove evidence of a serious illness, including cancers. A group of researchers from the Ben-Gurion University and the Soroka University Medical Center, Beer-Sheva, in Israel, have demonstrated that hackers can modify 3D medical scans to the result of a clinical examination. Attackers […]

Pierluigi Paganini April 05, 2019
Xwo Malware scans the Internet for Exposed Services, Default Passwords

Researchers at AT&T Alien Labs have spotted a malware called Xwo that is actively scanning the Internet for exposed web services and default passwords. Experts at AT&T Alien Labs discovered a new piece of malware called Xwo that is actively scanning the Internet for exposed web services and default passwords. The name ‘Xwo‘ comes from […]

Pierluigi Paganini April 05, 2019
Ursnif: The Latest Evolution of the Most Popular Banking Malware

ZLab Yoroi-Cybaze dissected another attack wave of Ursnif Trojan, aka Gozi ISFB, an offspring of the original Gozi which source code was leaked in 2014. ZLab Yoroi-Cybaze dissected another attack wave of Ursnif Trojan, aka Gozi ISFB, an offspring of the original Gozi which source code was leaked in 2014. Introduction A few days ago, […]

Pierluigi Paganini April 05, 2019
Flaws in Pre-Installed security App on Xiaomi Phones open to hack them

If you use a Xiaomi smartphone you should be aware that a pre-installed security software could be abused for malicious activities. Bad news for the owners of Xiaomi smartphones, a pre-installed security application could be used as a backdoor by hackers. Security experts at CheckPoint have discovered that a security app, called Guard Provider, that […]

Pierluigi Paganini April 05, 2019
Step By Step Office Dropper Dissection

Malware researcher and founder of Yoroi Marco Ramill described a step-by-step procedure that shows how to dissect an Office dropper. During the past few weeks, I received several emails asking how to dissect Office Payloads. While I was thinking about how to answer to such questions I received a MalSpam with a Microsoft Office document […]