Hacking

Pierluigi Paganini July 13, 2020
Hacker claims to have breached Night Lion security firm

Hacker claims to have stolen more than 8,200 databases from the US cyber security firm Night Lion Security. Hacker claims to have stolen more than 8,200 databases from the US cyber security firm Night Lion Security. The hacker is using the moniker “NightLion,” which is the name of the hacked company. The databases are the […]

Pierluigi Paganini July 13, 2020
Records of 45 million+ travelers to Thailand and Malaysia surfaced in the darkweb

Experts from Cyble discovered the availability on the darkweb of records of over 45 million travelers to Thailand and Malaysia from multiple countries. Experts from threat intelligence firm have discovered the availability on the darkweb of records of over 45 million travelers to Thailand and Malaysia from multiple countries. The huge trove of data was […]

Pierluigi Paganini July 12, 2020
Google updates policies to ban any ads for surveillance solutions and services

Google announced that starting from August it will update its policies to reject ads proposed by organizations offering surveillance software. Google announced the update of its Google Ads Enabling Dishonest Behavior policy to “prohibit the promotion of products or services that are marketed or targeted with the express purpose of tracking or monitoring another person […]

Pierluigi Paganini July 11, 2020
Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

The Russian hacker Yevgeniy Nikulin found guilty for LinkedIn, Dropbox, and Formspring data breach back in 2012 and the sale of their users’ data. A jury found Russian hacker Yevgeniy Nikulin guilty for the hack of LinkedIn, Dropbox, and Formspring back in 2012 and for the sale of the stolen data on cybercrime black marketplaces. […]

Pierluigi Paganini July 11, 2020
Hackers are scanning the web for vulnerable Citrix systems

Threat actors are scanning the Internet for Citrix systems affected by the recently disclosed vulnerabilities. This week Citrix has addressed 11 vulnerabilities affecting the ADC, Gateway, and SD-WAN WANOP networking products. The vulnerabilities could be exploited by attackers for local privilege escalation, to trigger a DoS condition, to bypass authorization, to get code injection, and to launch […]

Pierluigi Paganini July 11, 2020
Evilnum Group targets European and British fintech companies

A threat actor tracked as Evilnum targeted financial technology companies, mainly the British and European ones, ESET researchers reported. Evilnum threat actor was first spotted in 2018 while using the homonym malware. Over the years, the group added new tools to its arsenal, including custom and homemade malware along with software purchased from the Golden […]

Pierluigi Paganini July 10, 2020
Juniper Networks addressed many issues in its products

Juniper Networks addressed several vulnerabilities in its firewalls, most of them can be exploited by attackers for denial-of-service (DoS) attacks. Juniper Networks addressed several vulnerabilities in its products, most of them can be exploited by attackers for denial-of-service (DoS) attacks. Half a dozen of the flaws are DoS issues that have been rated high severity. […]

Pierluigi Paganini July 10, 2020
Researchers found allegedly intentional backdoors in FTTH devices from Chinese vendor C-Data

Two security researchers have found undocumented Telnet admin account accounts in 29 FTTH devices from Chinese vendor C-Data. Two security researchers have discovered undocumented Telnet admin account accounts in 29 Fiber-To-The-Home (FTTH) devices from Chinese vendor C-Data. The CDATA OLTs are sold under different brands, including Cdata, OptiLink, V-SOL CN, and BLIY. Some of the […]

Pierluigi Paganini July 10, 2020
KingComposer fixes a reflected XSS impacting 100,000 WordPress sites

An XSS vulnerability in the KingComposer page builder for WordPress impacts 100,000 websites using the WordPress plugin.  Researchers at Wordfence Threat Intelligence team discovered a reflected cross-site scripting (XSS) vulnerability, tracked as CVE-2020-15299, in the KingComposer WordPress plugin that potentially impacts 100,000 websites.  KingComposer a fast drag-and-drop page builder for WordPress websites, which comes complete with top-notch features embedded and […]

Pierluigi Paganini July 10, 2020
Pre-Installed malware spotted on other Android phones sold in US

Researchers from Malwarebytes have found yet another phone with pre-installed malware via the Lifeline Assistance program sold in the United States. Researchers at Malwarebytes have found malware pre-installed on smartphones sold in the United States, this is the second time as documented in a report published in January. In January, Malwarebytes researchers discovered that the […]