Hacking

Pierluigi Paganini October 21, 2018
Security Affairs newsletter Round 185 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! ·      Ex-NASA contractor pleaded guilty for cyberstalking crimes […]

Pierluigi Paganini October 21, 2018
WizCase Report: Vulnerabilities found in WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS

Security researchers from WizCase have discovered several vulnerabilities in WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS. NAS devices have become the storage device of choice for many small and medium businesses (SMB). They are inexpensive, easy to operate, and you can add additional storage if you’re running low on space. But is it secure enough […]

Pierluigi Paganini October 20, 2018
Thousands of applications affected by a zero-day issue in jQuery File Upload plugin

A security researcher discovered a zero-day vulnerability, tracked as CVE-2018-9206, that affects older versions of the jQuery File Upload plugin since 2010. Attackers can exploit the vulnerability to carry out several malicious activities, including defacement, exfiltration, and malware infection. The flaw was reported by the Akamai researcher Larry Cashdollar, he explained that many other packages that include […]

Pierluigi Paganini October 19, 2018
Drupal dev team fixed Remote Code Execution flaws in the popular CMS

The Drupal development team has patched several vulnerabilities in version 7 and 8 of the popular CMS, including RCE flaws. The development team of the Drupal content management system addressed several vulnerabilities in version 7 and 8, including some flaws that could be exploited for remote code execution. Drupal team fixed a critical vulnerability that resides in […]

Pierluigi Paganini October 19, 2018
Splunk addressed several vulnerabilities in Enterprise and Light products

Splunk recently addressed several vulnerabilities in Enterprise and Light products, some of them have been rated “high severity.” Splunk Enterprise solution allows organizations to aggregate, search, analyze, and visualize data from various sources that are critical to business operations. The Splunk Light is a comprehensive solution for small IT environments that automates log analysis and integrate […]

Pierluigi Paganini October 18, 2018
Group-IB: 14 cyber attacks on crypto exchanges resulted in a loss of $882 million

Group-IB has estimated that crypto exchanges suffered a total loss of $882 million due to targeted attacks between 2017 and 2018. Group-IB, an international company that specializes in preventing cyber attacks,has estimated that cryptocurrency exchanges suffered a total loss of $882 million due to targeted attacks in 2017 and in the first three quarters of 2018. According to Group-IB experts, […]

Pierluigi Paganini October 18, 2018
The author of the LuminosityLink RAT sentenced to 30 Months in Prison

The author of the infamous LuminosityLink RAT, Colton Grubbs (21), was sentenced to 30 months in federal prison. Colton Grubbs, 21, of Stanford, Kentucky, the author of the infamous LuminosityLink RAT, was sentenced to 30 months in federal prison, In February, the Europol’s European Cybercrime Centre (EC3) along with the UK National Crime Agency (NCA) disclosed the […]

Pierluigi Paganini October 18, 2018
Chaining three critical vulnerabilities allows takeover of D-Link routers

Researchers from the Silesian University of Technology in Poland discovered several flaws that could be exploited to take over some D-Link routers. A group of researchers from the Silesian University of Technology in Poland has discovered three vulnerabilities in some models of D-Link routers that could be chained to take full control over the devices. The […]

Pierluigi Paganini October 17, 2018
MartyMcFly Malware: new Cyber-Espionage Campaign targeting Italian Naval Industry

Yoroi security firm uncovered a targeted attack against one of the most important companies in the Italian Naval Industry leveraging MartyMcFly Malware. Today I’d like to share an interesting analysis of a Targeted Attack found and dissected by Yoroi (technical details are available here). The victim was one of the most important leaders in the field of security and defensive military […]

Pierluigi Paganini October 17, 2018
Thousands of servers easy to hack due to a LibSSH Flaw

The Libssh library is affected by a severe flaw that could be exploited by attackers to completely bypass authentication and take over a vulnerable server. The Secure Shell (SSH) implementation library, the Libssh, is affected by a four-year-old severe vulnerability that could be exploited by attackers to completely bypass authentication and take over a vulnerable server without requiring a […]