Hacking

Pierluigi Paganini February 25, 2019
ICANN warns of large-scale attacks on Internet infrastructure

Large-scale attacks are threatening the global Internet infrastructure, the alarm was launched by the Internet Corporation for Assigned Names and Numbers (ICANN). After an emergency meeting, the Internet Corporation for Assigned Names and Numbers (ICANN) confirmed that the global Internet infrastructure is facing large-scale attacks. ICANN warns of “an ongoing and significant risk” to key […]

Pierluigi Paganini February 24, 2019
CVE-2019-9019 affects British Airways Entertainment System on Boeing 777-36N(ER)

The British Airways Entertainment System, as installed on Boeing 777-36N(ER) and possibly other aircraft, is affected by a privilege escalation issue tracked as CVE-2019-9019. Experts discovered a critical vulnerability in the British Airways Entertainment System. The flaw is a privilege escalation issue that resides in the component USB Handler, an attacker could exploit it using […]

Pierluigi Paganini February 24, 2019
70000 Pakistani banks’ cards with PINs go on sale on the dark web.

Group-IB experts discovered new databases with a total of 69,189 Pakistani banks’ cards that have shown up for sale on the dark web. Group-IB, an international company that specializes in preventing cyberattacks, has discovered new databases with a total of 69,189 Pakistani banks’ cards that have shown up for sale on the dark web. The […]

Pierluigi Paganini February 24, 2019
Fbot malware targets HiSilicon DVR/NVR Soc devices

Experts at 360Netlab observed the Fbot bot infecting a large number of HiSilicon DVR/NVR Soc devices. Since February 16, 2019, security experts at 360Netlab observed a large number of HiSilicon DVR/NVR Soc devices were infected with an updated version of the Fbot bot. The Fbot malware was first discovered by 360Netlab researchers, according to the […]

Pierluigi Paganini February 23, 2019
Campaigns through LinkedIn ’s DM deliver More_eggs backdoor via fake job offers

Experts uncovered a new malware campaign that attempts to circumvent victims by abusing LinkedIn ’s direct messaging service.  Researchers at Proofpoint have uncovered a new malware campaign that attempts to circumvent victims by abusing LinkedIn’s direct messaging service.  “In direct follow-up emails, the actor pretends to be from a staffing company with an offer of […]

Pierluigi Paganini February 22, 2019
WhatsApp fixes Face ID and Touch ID authentication bypass

WhatsApp recently implemented Face ID and Touch ID authentication for Apple iOS app, but unfortunately, it can be easily bypassed. Earlier February, WhatsApp introduced Face ID and Touch ID authentication for its iOS app to allow users to lock the application using the Face ID facial recognition and Touch ID fingerprint systems. The security feature […]

Pierluigi Paganini February 22, 2019
Expert found a DoS flaw in Windows Servers running IIS

Windows servers running Internet Information Services (IIS) are vulnerable to denial-of-service (DoS) attacks carried out through malicious HTTP/2 requests. Microsoft revealed that Windows servers running Internet Information Services (IIS) are vulnerable to denial-of-service (DoS) attacks. Attackers can trigger a DoS condition by sending specially crafted HTTP/2 requests, the CPU usage will temporarily spike to 100% […]

Pierluigi Paganini February 21, 2019
Adobe released second fix for the same Adobe Reader flaw

Adobe released a second patch to address the CVE 2019-7089 flaw in Adobe Reader after an expert found the way to bypass the first fix. Adobe on Thursday released a second patch to address a critical information disclosure vulnerability in Adobe reader, tracked as CVE 2019-7089, after the expert who initially discovered the flaw devised […]

Pierluigi Paganini February 21, 2019
Security experts released new GandCrab Decryptor for free

Security experts at BitDefender have released a new version of the GandCrab decryptor able to decrypt versions of GandCrab 1, 4 and 5. Security experts at BitDefender have released a new version of the GandCrab decryptor that could be used to decrypt versions of GandCrab 1, 4 and 5, including the latest version 5.1. The […]

Pierluigi Paganini February 21, 2019
Critical bug in WINRAR affects all versions released in the last 19 years

Security experts at Check Point have disclosed technical details of a critical vulnerability in the popular file compression software WinRAR. Experts at Check Point discovered the logical bug in WinRAR by using the WinAFL fuzzer and found a way to exploit it to gain full control over a target computer Over 500 million users worldwide use the […]