Breaking News

Pierluigi Paganini November 18, 2017
A new EMOTET Trojan variant improves evasion techniques

Security experts at Trend Micro had recently observed a new variant of the EMOTET banking Trojan that implements new evasion features. EMOTET, aka Geodo, is linked to the dreaded Dridex and Feodo (Cridex, Bugat)  malware families. In past campaigns, EMOTET was used by crooks to steal banking credentials and as a malicious payload downloader. The experts observed […]

Pierluigi Paganini November 18, 2017
Terabytes of US military social media surveillance miserably left wide open in AWS S3 buckets

Three AWS S3 buckets containing dozen of terabytes resulting from surveillance on US social media were left wide open online. It has happened again, other three AWS S3 buckets containing dozen of terabytes resulting from surveillance on US social media were left wide open online. The misconfigured AWS S3 buckets contain social media posts and similar pages […]

Pierluigi Paganini November 18, 2017
City of Spring Hill in Tennessee still hasn’t recovered from ransomware attack

In early November, the City of Spring Hill, Tenn, suffered a ransomware attack, but it still hasn’t recovered from attack attack. In early November, the City of Spring Hill, Tenn, suffered a ransomware attack, but government officials refused to pay a $250,000 ransom demanded by the crooks and attempted to restore the database recovering the content […]

Pierluigi Paganini November 17, 2017
GitHub warns developers when their projects include vulnerable libraries

The code hosting service GitHub warns developers when including certain flawed software libraries in their projects and suggest fixes to solve the issues. The code hosting service warns developers when including certain flawed software libraries in their projects and provides advice on how to address the issue. GitHub has recently introduced the Dependency Graph, a […]

Pierluigi Paganini November 17, 2017
Who is behind MuddyWater in the Middle East? Likely a politically-motivated actor

Researchers are investigating a mysterious wave of attacks in the Middle East that was dubbed MuddyWater due to the confusion in attributing the. Security experts at Palo Alto Networks are monitoring long-lasting targeted attacks aimed at entities in the Middle East and that are difficult to attribute. The experts called the campaign ‘MuddyWater’ due to the […]

Pierluigi Paganini November 17, 2017
Oracle issues emergency patches for JOLTANDBLEED flaws

JoltandBleed – Oracle issued an emergency patch for vulnerabilities affecting several of its products that rely on the proprietary Jolt protocol. Oracle issued an emergency patch for vulnerabilities affecting several of its products that rely on the proprietary Jolt protocol. The vulnerabilities were reported by experts at ERPScan who named the set of five vulnerabilities JoltandBleed. The most critical flaw […]

Pierluigi Paganini November 17, 2017
Kaspersky provided further details on NSA Incident. Other APTs targeted the same PC

Kaspersky Lab publishes a full technical report related to hack of its antivirus software to steal NSA hacking code. In October, anonymous source claimed that in 2015 the Russian intelligence stole NSA cyber weapons from the PC of one of its employees that was running the Kaspersky antivirus. Kaspersky denies any direct involvement and provided further details […]

Pierluigi Paganini November 17, 2017
20 Million Google Home and Amazon Echo devices are affected by the Blueborne flaws

Millions of AI-based voice-activated personal assistants, including Google Home and Amazon Echo, are affected by the Blueborne flaws. A series of recently disclosed critical Bluetooth flaws that affect billions of Android, iOS, Windows and Linux devices have now been discovered in Millions of AI-based voice-activated personal assistants, including Google Home and Amazon Echo, are affected by the recently discovered Blueborne vulnerabilities. The recently […]

Pierluigi Paganini November 16, 2017
Terdot Banking Trojan is back and it now implements espionage capabilities

The Terdot banking Trojan isn’t a novelty in the threat landscape, it has been around since mid-2016, and now it is reappearing on the scenes. According to Bitdefender experts, vxers have improved the threat across the years, implementing credential harvesting features as well as social media account monitoring functionality. The Terdot banking Trojan is based on the Zeus […]

Pierluigi Paganini November 16, 2017
Cisco issued a security advisory warning of a flaw in Cisco Voice Operating System software

Cisco issued a security advisory warning of a vulnerability in Cisco Voice Operating System software platform that affects at least 12 products. The tech giant Cisco issued a security advisory warning of a vulnerability in Cisco Voice Operating System software platform that could be triggered by an unauthenticated, remote hacker to gain unauthorized and elevated access to vulnerable […]