Breaking News

Pierluigi Paganini October 13, 2018
Pentagon Defense Department travel records data breach

Pentagon – Defense Department travel records suffered a data breach that compromised the personal information and credit card data of U.S. military and civilian personnel. The Pentagon revealed that the Defense Department travel records suffered a data breach that compromised the personal information and credit card data of U.S. military and civilian personnel. The data breach […]

Pierluigi Paganini October 13, 2018
Experts warn of fake Adobe Flash update hiding a miner that works as a legitimate update

Security experts from Palo Alto Networks warn of fake Adobe Flash update hiding a miner that works as legitimate update and really update the software. A fake Adobe Flash update actually was used as a vector for a malicious cryptocurrency miner, the novelty in this last campaign is represented by the tricks used by attackers to stealthily […]

Pierluigi Paganini October 13, 2018
NHS is still assessing the cost of WannaCry one year later

The UK’s Department of Health and Social Care provided an update on the efforts to secure the NHS IT infrastructure, with a focus on WannaCry overall costs. The UK’s Department of Health and Social Care provided an update on the spent to secure the IT infrastructure in a report titled “Securing cyber resilience in health […]

Pierluigi Paganini October 12, 2018
Facebook Data Breach Update: attackers accessed data of 29 Million users

Facebook data breach – The company provided an updated for the data breach it disclosed at the end of September, hackers accessed personal data of 29 million users. Facebook announced that hackers accessed data of 29 Million users, a number that is less than initially thought of 50 million. The hackers did not affect Facebook-owned Messenger, Messenger Kids, Instagram, WhatsApp, […]

Pierluigi Paganini October 12, 2018
Fitmetrix fitness software company may have exposed millions of customer records

Fitmetrix fitness software company exposed customer data online, a 119GB archive containing name, gender, email address, birth date, height, weight and more A fitness software company Fitmetrix may have exposed a database hosted on AWS  containing millions of customer records. The exposed records included name, gender, email address, birth date, home and work phone, height, weight and […]

Pierluigi Paganini October 12, 2018
Five Eyes Intelligence agencies warn of popular hacking tools

Security agencies belonging to Five Eyes (United States, United Kingdom, Canada, Australia and New Zealand) have released a joint report that details some popular hacking tools. Experts from cybersecurity agencies from Five Eyes intelligence alliance have issued a report that provides technical details on most popular hacking tool families and the way to detect and […]

Pierluigi Paganini October 12, 2018
Hackers targeting Drupal vulnerabilities to install the Shellbot Backdoor

A group of hackers is targeting Drupal vulnerabilities, including Drupalgeddon2, patched earlier this year to install a backdoor on compromised servers. Security experts from IBM are targeting Drupal vulnerabilities, including the CVE-2018-7600 and CVE-2018-7602 flaws, aka Drupalgeddon2 and Drupalgeddon3, to install a backdoor on the infected systems and tack full control of the hosted platforms. According to the IBM experts, this last […]

Pierluigi Paganini October 12, 2018
DOM-XSS Bug Affecting Tinder, Shopify, Yelp, and More

Our team of security researchers was researching dating apps client-side security, and one of the main focus targets was the social search mobile app Tinder. After initial reconnaissance steps were done, a Tinder domain with multiple client-side security issues was found – meaning hackers could have access to users’ profiles and details. Immediately after finding these vulnerabilities, we […]

Pierluigi Paganini October 11, 2018
Exaramel Malware Links Industroyer ICS malware and NotPetya wiper

ESET researchers have spotted a new strain of malware tracked as Exaramel that links the dreaded not Petya wiper to the Industroyer ICS malware. A few months ago, researchers from ESET discovered a new piece of malware that further demonstrates the existence of a link between Industroyer and the NotPetya wiper. In June 2017, researchers at antivirus firm ESET […]

Pierluigi Paganini October 11, 2018
Juniper Networks provides dozens of fix for vulnerabilities in Junos OS

Juniper Networks has released security updates to address serious vulnerabilities affecting the Junos operating system. This week, Juniper Networks has patched dozens of serious security provided security patches for each of them, the security advisories are available on the company website. The most severe flaw is probably the  CVE-2018-0049, which could be exploited by an attacker to […]