Hacking

Pierluigi Paganini March 28, 2018
VPN leaks users’ IPs via WebRTC. I’ve tested seventy VPN providers and 16 of them leaks users’ IPs via WebRTC (23%)

Cyber security researcher Paolo Stagno (aka VoidSec) has tested seventy VPN providers and found 16 of them leaks users’ IPs via WebRTC (23%) You can check if your VPN leaks visiting: http://ip.voidsec.com Here you can find the complete list of the VPN providers that I’ve tested: https://docs.google.com/spreadsheets/d/1Nm7mxfFvmdn-3Az-BtE5O0BIdbJiIAWUnkoAF_v_0ug/edit#gid=0 Add a comment or send me a tweet if you have […]

Pierluigi Paganini March 27, 2018
BranchScope is a new side-channel attack method against Intel chip

  BranchScope is a new side-channel attack technique that like Meltdown and Spectre attacks can be exploited by an attacker to obtain sensitive information from vulnerable processors. A group of researchers from the College of William & Mary, University of California Riverside, Carnegie Mellon University in Qatar, and Binghamton University has discovered a new side-channel attack dubbed […]

Pierluigi Paganini March 27, 2018
Grey Heron, the new Co in the surveillance industry that promises to spy on Signal and Telegram

Who is behind the newborn Grey Heron surveillance company? According to an investigation conducted by Motherboard, the firm is linked to the Italian surveillance firm Hacking Team. The development and sale of surveillance software is a profitable business, many government agencies use spyware for different purposes, in some their involvement is very questionable. Early this month, […]

Pierluigi Paganini March 27, 2018
Experts uncovered a watering hole attack on leading Hong Kong Telecom Site exploiting CVE-2018-4878 flaw

Researchers at Morphisec have uncovered a watering hole attack on leading Hong Kong Telecom website exploiting the CVE-2018-4878 flash vulnerability. Security experts at Morphisec have discovered a watering hole attack on leading Hong Kong Telecom website exploiting the CVE-2018-4878 flash vulnerability. In a watering hole attack, hackers infect the websites likely to be visited by their targeted victims, this […]

Pierluigi Paganini March 26, 2018
Law enforcement arrested the head of the Carbanak gang that stole 1 billion from banks

The head of the crime ring behind the Carbanak gang that since 2013 targeted banks worldwide has been arrested in Spain. The mastermind suspected of stealing about £870m (€1bn) in a bank cyber heist has been arrested in Spain. The man is suspected to be the kingpin of the crime ring behind the Carbanak gang that since 2013 […]

Pierluigi Paganini March 25, 2018
A new massive cryptomining campaign target Linux servers exploiting old flaw

Trend Micro uncovered a new crypto mining campaign targeting Linux servers that exploit the CVE-2013-2618 flaw in Cacti’s Network Weathermap plug-in, which system administrators use to visualize network activity. Security firm Trend Micro uncovered new crypto mining campaign, a cybercriminal gang has made nearly $75,000 by installing a Monero miner on vulnerable Linux servers. The […]

Pierluigi Paganini March 25, 2018
Thousands of etcd installs leak 750MB worth of passwords and keys

Thousands of etcd installations are currently leaking 750MB worth of passwords, keys, and sensitive data. Thousands of servers belonging to private businesses and organizations are leaking credentials and potentially sensitive data. It is quite easy for hackers to use the credentials to access the servers and steal sensitive data or use the machines to power […]

Pierluigi Paganini March 24, 2018
Lone DNC Hacker Guccifer 2.0 is linked to the GRU, the Russian military intelligence agency

The US investigators concluded that the Russia-linked hacker Guccifer 2.0 is directly tied to the GRU, the Russian military intelligence agency. Guccifer 2.0 is the alleged hacker behind the DNC hack that also released a huge trove of documents about House Democrats, including Nancy Pelosi’s sensitive data. In February 2016, researchers from security company CrowdStrike, pointed out that […]

Pierluigi Paganini March 23, 2018
A “highly critical” flaw affects Drupal 7 and 8 core, Drupal security updates expected on March 28th

Drupal Security Team confirmed that a “highly critical” vulnerability affects Drupal 7 and 8 core and announced the availability of security updates on March 28th. A “highly critical” vulnerability affects Drupal 7 and 8 core and Drupal developers are currently working to address it. Drupal maintainers initially planned to issue a security release of Drupal 7.x, 8.3.x, 8.4.x, […]

Pierluigi Paganini March 22, 2018
Google is distributing more Meltdown and Spectre Patches for Chrome OS devices

Google announced that mitigations for devices with Intel processors that are affected by the Spectre and Meltdown vulnerabilities will be available for latest stable channel update for Google’s Chrome OS operating system. The Meltdown and Spectre attacks could be exploited by attackers to bypass memory isolation mechanisms and access target sensitive data. The Meltdown attack could allow attackers to read […]