Google has awarded a record $112,500 to a security researcher for reporting an exploit chain that could be used to hack Pixel smartphones. Last week the Google disclosed the technical details of the exploit chain that was devised in August 2017 by the Guang Gong from Alpha Team at Qihoo 360 Technology. The exploit chain triggers two […]
The Samsam Ransomware made the headlines in the first days of 2018, the malicious code infected systems of some high-profile targets, including a hospital that paid a $55,000 ransom. The SamSam ransomware is an old threat, attacks were observed in 2015 and the list of victims is long, many of them belong to the healthcare industry. […]
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Once again thank you! · Fappening – A fourth man has been charged with hacking into over 250 Apple iCloud accounts belonging to celebrities · Lenovo spotted and fixed a backdoor in RackSwitch and BladeCenter networking switches […]
OnePlus confirmed that a security breach affected its online payment system, hackers stole credit card information belonging to up to 40,000 customers. OnePlus confirmed that a security breach affected its online payment system, a few days ago many customers of the Chinese smartphone manufacturer claimed to have been the victim of fraudulent credit card transactions after making purchases […]
Security expert Mikail Tunç analyzed Jenkins servers exposed online discovering that many instances leak sensitive information. The researchers clarify that he did not exploit any vulnerabilities to gain access to Jenkins servers, he simply analyzed open ones. Jenkins is the most popular open source automation server, it is maintained by CloudBees and the Jenkins community. The automation […]
British teenager Kane Gamble (15), leader of the ‘Crackas With Attitude’ hacking group gained access to intel operations in Afghanistan and Iran by posing as the CIA chief. Do you remember “Crackas With Attitude”? You remember for sure the Crackas With Attitude, a hacking crew that claimed clamorous actions in support of the Palestine cause. The notorious group […]
Threat actors with a deep knowledge of the Fiscal Italian ecosystem are using a huge botnet to target Italian companies and Ministry of the Interior. On Januaty 18 a colleague of mine (Luca) called me telling a malicious email was targeting Italian companies. This is the beginning of our new analysis adventure that Luca and […]
Red Hat is going to release updates that are reverting previous patches for the Spectre vulnerability (Variant 2, aka CVE-2017-5715). Just after the release of Spectre and Meltdown patches many experts argued a significative impact on performance and stability of systems running them. While Meltdown and Spectre Variant 1 could be theoretically being addressed by […]
US Government missed a historic opportunity to reform a dangerous surveillance law that opens to a global surveillance, instead it has signed a version that makes it worse. The U.S. legal framework related to the domestic surveillance has been signed by President Trump one day after the Senate approved it with 65 votes against 34. The […]
The industrial giant Schneider discovered that the Triton malware exploited a zero-day vulnerability in Triconex Safety Instrumented System (SIS) controllers in an attack aimed at a critical infrastructure organization. In December 2017, a new malicious code dubbed Triton malware (aka Trisis) was discovered by researchers at FireEye, it was specifically designed to target industrial control […]