Hacking

Pierluigi Paganini April 30, 2020
Chegg discloses the third data breach in the last two years

The American education technology firm Chegg discloses a security breach, it already sent notifications to its employees The US education technology company Chegg discloses a security breach that took place in early April, the firm already sent notifications to its employees. The data breach notification sent on April 28 inform the employee of a security […]

Pierluigi Paganini April 30, 2020
Group-IB uncovers PerSwaysion – sophisticated phishing campaign targeting executives worldwide

Group-IB uncovered a new sophisticated phishing campaign, tracked as PerSwaysion, against high-level executives of more than 150 companies worldwide.  Group-IB, a Singapore-based cybersecurity company, has identified a series of sophisticated successful phishing attacks against the management and executives of more than 150 companies around the world. The campaign, dubbed PerSwaysion due to the extensive abuse […]

Pierluigi Paganini April 30, 2020
Experts found critical flaws in 3 popular e-Learning WordPress Plugins

Security researchers from Check Point Research Team discovered critical vulnerabilities in three popular e-learning plugins for WordPress sites. Security researchers at Check Point Research Team are warning of recently discovered vulnerabilities in some popular online learning management system (LMS) WordPress plugins. The impact could be serious because these WordPress plugins are used for WordPress sites […]

Pierluigi Paganini April 30, 2020
EventBot, a new Android mobile targets financial institutions across Europe

Security experts from Cybereason Nocturnus team discovered a new piece of Android malware dubbed EventBot that targets banks, financial services across Europe. Researchers from Cybereason Nocturnus team discovered a new piece of Android malware dubbed EventBot that targets banks, financial services across Europe The malware first appeared in the threat landscape in March, in implements […]

Pierluigi Paganini April 30, 2020
RDP brute-force attacks rocketed since beginning of COVID-19

The number of RDP brute-force attacks is skyrocketing in mid-March due to remote working imposed during the COVID-19 pandemic. Researchers from Kaspersky Lab are observing a significant increase in the number of RDP brute-force attacks since the beginning of the COVID-19 pandemic. Earlier this month, researchers from Shodan reported a 41% increase in the number of RDP […]

Pierluigi Paganini April 29, 2020
Estonian intelligence reports foreign hackers breached Mail.ee email provider

State-sponsored hackers have compromised a small number of accounts of the Estonian email provider Mail.ee belonging to high-profile people. Alleged state-sponsored hackers have hijacked a small number of accounts at the Estonian email provider Mail.ee, they exploited a zero-day vulnerability in the attack. According to the end-of-year report published this month by Estonian Internal Security […]

Pierluigi Paganini April 29, 2020
Google found zero-click vulnerabilities in Apple’s multimedia processing components

Google Project Zero white-hat hackers have disclosed zero-click vulnerabilities affecting multiple Apple operating systems. White-hat hackers at Google Project Zero team have discovered several zero-click vulnerabilities impacting multiple Apple’s multimedia processing components is several Apple operating systems. Multimedia processing components could be a privileges entry point for threat actos that attempt to hack into the […]

Pierluigi Paganini April 29, 2020
Adobe addresses several critical flaws in Illustrator, Bridge, and Magento

Adobe released security updates for Adobe Illustrator, Bridge, and Magento that fix several issues, including multiple remote code execution flaws. Adobe has released security updates that address multiple vulnerabilities in Adobe Illustrator, Bridge, and Magento, including some critical remote code execution flaws. The remote code execution flaws could be exploited by an attacker to execute commands […]

Pierluigi Paganini April 28, 2020
SANDMAN AND FINEPROXY BEHIND THE DDOS ATTACKS AGAINST TIMETV.LIVE

Timetv.live is the latest Azeri news site targeted by Denial of Service (DDoS) attacks launched by Sandman threat actor, the attack took place on March 21, 2020. Original Post by Qurium: *Qurium’s forensics report:* Sandman and Fineproxy behind the DDoSAttacks against TimeTV.Live https://www.qurium.org/alerts/azerbaijan/sandman-and-fineproxy-behind-the-ddos-attacks-against-timetv-live/ Timetv.live is the latest Azeri news site targeted by Denial of Service attacks. […]

Pierluigi Paganini April 28, 2020
Outlaw is Back, a New Crypto-Botnet Targets European Organizations

The Outlaw Hacking Group is back, malware researchers from Cybaze-Yoroi ZLab have uncovered a new botnet that is targeting European organizations Introduction During our daily monitoring activities, we intercepted a singular Linux malware trying to penetrate the network of some of our customers. The Linux malware is the well-known “Shellbot”, it is a crimetool belonging […]