A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! Blur data leak potentially exposed data of 2.4 […]
Proofpoint analyzed two strains of malware tracked as ServHelper and FlawedGrace distributed through phishing campaigns by the TA505 crime gang. Security researchers at Proofpoint researchers discovered two strains of malware tracked as ServHelper and FlawedGrace distributed through phishing campaigns by the TA505 crime gang. The ServHelper is a backdoor, experts analyzed two variants of it, while […]
Rapid7 announced the release of Metasploit 5.0, the latest version of the popular penetration testing framework that promises to be very easy to use. Rapid7 announced the release of Metasploit 5.0, the new version includes several new important features and, the company believes it will easier to use and more powerful. Most important changes introduced […]
The British hacker Daniel Kaye has been sentenced to 32 months in prison for the cyberattack on Liberian telecom firms. The British hacker Daniel Kaye (29) has been sentenced to 32 months in prison for the 2016 attack that took down telecommunications services in Liberia. Kaye pleaded guilty in December to two charges under the Computer Misuse […]
Victims of the PyLocky Ransomware can use a tool released by security researcher Mike Bautista at Cisco Talos group to decrypt their files for free. I have good and bad news for the victims of the PyLocky Ransomware. The good news is that security researcher Mike Bautista at Cisco Talos group released a decryption tool […]
Ave Maria Malware – Phishing attempts spreading in the last days of the past year against an Italian organization operating in the Oil&Gas sector The Cybaze-Yoroi ZLab researchers analyzed phishing attempts spreading in the last days of the past year against an Italian organization operating in the Oil&Gas sector. The malicious emails try to impersonate […]
The social media platform Reddit has notified users that some of them have been locked out of their accounts after detecting suspicious activity. Reddit locked down a large number of user accounts after due to a security concern after detecting suspicious activity on them. “If you are here because you’ve been locked out of your […]
Cisco addressed two DoS vulnerabilities in CISCO ESA products that can be exploited by remote unauthenticated attacker. Cisco fixed two denial-of-service (DoS) flaws in Email Security Appliance (ESA) products that can be exploited by a remote unauthenticated attacker. The first flaw tracked as CVE-2018-15453 has been rated as “critical,” it is a memory corruption bug caused […]
Security expert uncovered a DNS hijacking campaign targeting organizations in various industries worldwide and suspects Iranian APT groups. Security experts at FireEye uncovered a DNS hijacking campaign that is targeting government agencies, ISPs and other telecommunications providers, Internet infrastructure entities, and sensitive commercial organizations in the Middle East, North Africa, North America and Europe. According […]
Experts disclosed three flaws in the systemd, a software suite that provides fundamental building blocks for Linux operating systems. Security firm Qualys has disclosed three flaws (CVE-2018-16864, CVE-2018-16865, and CVE-2018-16866 ) in a component of systemd, a software suite that provides fundamental building blocks for a Linux operating system used in most major Linux distributions. […]