Hacking

Pierluigi Paganini June 16, 2020
Ripple20 flaws in Treck TCP/IP stack potentially expose hundreds of millions of devices to hack

Serious security vulnerabilities in the Treck TCP/IP stack dubbed Ripple20 expose millions of IoT devices worldwide to cyber attacks, researchers warn. Hundreds of millions of devices worldwide could be vulnerable to remote attacks due to security vulnerabilities in the Treck TCP/IP stack dubbed Ripple20. Treck TCP/IP is a high-performance TCP/IP protocol suite designed for embedded […]

Pierluigi Paganini June 16, 2020
BigDebIT flaws in Oracle EBS allow hackers to alter financial records

Oracle addressed two flaws in E-Business Suite solution that can be exploited by attackers to tamper with an organization’s financial records. Oracle addressed two security flaws in its E-Business Suite (EBS) business management solution that could allow attackers to carry out a broad range of malicious activities, including to tamper with an organization’s financial records. […]

Pierluigi Paganini June 16, 2020
T-Mobile suffered a major outage in the US allegedly caused by a massive DDoS attack

Wireless carrier T-Mobile suffered a major outage in the United States, that impacted service at other carriers, due to a “massive” DDoS attack. Wireless carrier T-Mobile suffered a massive DDoS attack that caused a major outage in the United States that impacted service at other carriers due to a “massive” DDoS attack. The attack started […]

Pierluigi Paganini June 16, 2020
Norway suspends its COVID-19 contact tracing app due to privacy concerns

Norway’s health authorities announced the suspension of the design of a COVID-19 contact tracing app due to privacy concerns. In April, Norway launched its contact tracing app dubbed Smittestopp (“Infection stop”) to trace the diffusion of the COVID-19 in the country. A contact tracing app is a tool that could be used to contain new […]

Pierluigi Paganini June 15, 2020
Flaws in mobile Internet protocol GTP allow hackers to target 5G users

Security vulnerabilities in modern communication protocol GTP used by mobile network operators can be exploited by attackers to target 4G/5G users. Researchers at cybersecurity firm Positive Technologies Security have discovered several vulnerabilities in communication protocol GPRS Tunnelling Protocol (GTP), that is used by mobile network operators (MNOs). Threat actors could exploit these flaws to conduct several […]

Pierluigi Paganini June 15, 2020
Accessories giant Claire’s is the victim of a Magecart attack, credit card data exposed

Hackers breached the websites of the U.S. accessory giant Claire’s, and its subsidiary Icing, and gained access to customer’s credit card data. Threat actors have hacked the websites of the U.S. based jewelry and accessory giant Claire’s, and its subsidiary Icing, the security breach took place in April and attackers may have gained access to customer’s credit cards. Claire’s […]

Pierluigi Paganini June 15, 2020
Earth Empusa targets minority group with Android ActionSpy spyware

The Earth Empusa threat group is distributing new Android spyware, dubbed ActionSpy, through watering hole attacks to targets Turkic minority group. Researchers warn that the Earth Empusa (aka POISON CARP/Evil Eye) threat group is targeting the Uyghurs, a Turkic minority ethnic group originating from and culturally affiliated with the general region of Central and East […]

Pierluigi Paganini June 14, 2020
Ransomware attack disrupts operations at Australian beverage company Lion

Systems at Australian beverages company Lion were infected with a ransomware that disrupted to manufacturing processes and customer service. Systems at Australian beverages company Lion were infected with a ransomware, the security breach caused the disruption of manufacturing processes and customer service. Lion is a beverage and food company that operates in Australia and New Zealand, […]

Pierluigi Paganini June 14, 2020
Coronavirus-themed attacks May 31 – June 13, 2020

This post includes the details of the Coronavirus-themed attacks launched from May 31 to June 13, 2020. Threat actors exploit the interest in the Coronavirus outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases. Below a list of attacks detected between May 31 and June 13, 2020. June 4, 2020 […]

Pierluigi Paganini June 14, 2020
Maze ransomware gang hacked M&A firm Threadstone Advisors LLP

Maze ransomware operators hit Threadstone Advisors LLP, a US corporate advisory firm specialising in mergers ‘n’ acquisitions. Threadstone Advisors LLP, a corporate advisory firm specialising in mergers ‘n’ acquisitions, is the last victim of the Maze ransomware operators. MAZE ransomware operators have stolen the data of the company before encrypting its systems and threaten to […]