Hacking

Pierluigi Paganini July 28, 2018
Russian APT28 espionage group targets democratic Senator Claire McCaskill

The Russia-linked APT28 group targets Senator Claire McCaskill and her staff as they gear up for her 2018 re-election campaign. The Russian APT group tracked as Fancy Bear (aka APT28, Pawn Storm, Sofacy Group, Sednit, and STRONTIUM), that operated under the Russian military agency GRU, continues to target US politicians. This time the target is Senator Claire McCaskill and her staff as […]

Pierluigi Paganini July 28, 2018
Microsoft revealed details of a supply chain attack at unnamed Maker of PDF Editor

Microsoft revealed that hackers attempted to compromise the supply chain of an unnamed maker of PDF software. The attackers compromised a font package installed by a PDF editor app and used it to spread a crypto-mining malware on victims’ machines. The attack was discovered by the experts from Microsoft that received alerts via the Windows […]

Pierluigi Paganini July 27, 2018
NetSpectre is a remote Spectre attack that allows stealing data over the network

Researchers discovered a new variant of the Spectre attack, dubbed NetSpectre, that allows to steal data over the network from the target system. A group of researchers has devised a new variant of the Spectre attack, dubbed NetSpectre, that could allow an attacker to steal data over the network from the target system. NetSpectre is described as […]

Pierluigi Paganini July 27, 2018
Leafminer cyber espionage group targets Middle East

Hackers belonging an Iran-linked APT group tracked as ‘Leafminer’ have targeted government and various organizations in the Middle East. An Iran-linked APT group tracked as ‘Leafminer’ has targeted government and businesses in the Middle. According to the experts from Symantec, the Leafminer group has been active at least since early 2017. “Symantec has uncovered the operations of a threat actor named […]

Pierluigi Paganini July 26, 2018
US-CERT warns of ongoing cyber attacks aimed at ERP applications

US-CERT warns of cyber attacks on ERP applications, including Oracle and SAP, and refers an interesting report published by Digital Shadows and Onapsis. US-CERT warns of cyber attacks on Enterprise resource planning (ERP) solutions such as Oracle and SAP, both nation-state actors and cybercrime syndicates are carrying out hacking campaign against these systems. The report published by […]

Pierluigi Paganini July 26, 2018
Ransomware attack disrupted some systems of the shipping giant COSCO in the US

The Chinese shipping giant COSCO was reportedly hit by a ransomware based attack, the attack occurred in the American region. According to COSCO a “local network breakdown” disrupted some systems in the United States. Media confirmed the incident was the result of a ransomware attack and quoted a company spokesman as the source. “The China Ocean Shipping […]

Pierluigi Paganini July 26, 2018
Experts discovered a Kernel Level Privilege Escalation in Oracle Solaris

Security expert discovered Kernel Level Privilege Escalation vulnerability in the Availability Suite Service component of Oracle Solaris 10 and 11.3 Security researchers from Trustwave have discovered a new high severity vulnerability, tracked as CVE-2018-2892, that affected the Availability Suite Service component in Oracle Solaris 10 and 11.3. The flaw could be exploited by a remote authenticated […]

Pierluigi Paganini July 25, 2018
Hide ‘N Seek botnet also includes exploits for home automation systems

Security experts from Fortinet have discovered that the Hide ‘N Seek botnet is now targeting vulnerabilities in home automation systems. The Hide ‘N Seek botnet was first spotted on January 10th when it was targeting home routers and IP cameras. It was first spotted on January 10th by malware researchers from Bitdefender then it disappeared for a few days, and appeared […]

Pierluigi Paganini July 25, 2018
Korean Davolink routers are easy exploitable due to poor cyber hygene

Davolink dvw 3200 routers have their login portal up on port 88, the access is password protected, but the password is hardcoded in the HTLM of login page. The story started in 2018 when Anubhav noticed a very basic flaw the routers of the Korean vendor Davolink. These Davolink dvw 3200 routers have their login […]

Pierluigi Paganini July 25, 2018
The Death botnet grows targeting AVTech devices with a 2-years old exploit

A new botnet, tracked as Death botnet has appeared in the threat landscape and is gathering unpatched AVTech devices with an old exploit. A new botnet, tracked as ‘Death botnet,’ has appeared in the threat landscape, its author that goes online with the moniker EliteLands is gathering unpatched AVTech devices in the malicious infrastructure. AVTech […]