Security Affairs

Pierluigi Paganini May 29, 2019
News aggregator Flipboard disclosed a data breach

The news aggregator Flipboard announced that it suffered a breach, unauthorized users had access to some databases storing user account information. The news and social media aggregator Flipboard disclosed on Tuesday that it suffered a breach, unauthorized users had access to some databases storing user information. Hackers had access to the company systems between June […]

Pierluigi Paganini May 29, 2019
HawkEye Keylogger is involved in attacks against business users

Experts at IBM X-Force observed a new campaign involving the HawkEye keylogger in April and May 2019 aimed at business users.  Malware attacks leveraging a new variant of the HawkEye keylogger have been observed by experts at Talos. The malware has been under active development since at least 2013 and it is offered for sale […]

Pierluigi Paganini May 28, 2019
DuckDuckGo Address Bar Spoofing

The DuckDuckGo Privacy Browser application 5.26.0 for Android allows address bar spoofing via a setInterval call, as demonstrated by reloading every 50 ms. Technical Observation: A browser that’s scoring in the 50,00,000+ tier of Android download.It was observed that the DuckDuckGo privacy browser ominibar can be spoofed by a crafted javascript page spoofing `setInterval` function and reloading the […]

Pierluigi Paganini May 28, 2019
Internet scans found nearly one million systems vulnerable to BlueKeep

Roughly one million devices are vulnerable to attacks exploiting the BlueKeep Windows vulnerability and hackers are ready to hit them. Yesterday I reported the discovery made by experts at GreyNoise that detected scans for systems vulnerable to the BlueKeep (CVE-2019-0708) vulnerability. The scans were first detected on May 25, 2019, experts explained that a single […]

Pierluigi Paganini May 28, 2019
Shade Ransomware is very active outside of Russia and targets more English-speaking victims

Experts at PaloAlto Networks spotted a new Shade ransomware campaigns targeting news countries, including in the U.S. and Japan. Researchers observed a new wave of Shade ransomware attacks against targets in several countries, including the US and Japan. Shade is considered one of the most dangerous threats in the cyber crime scenario, it has been active […]

Pierluigi Paganini May 28, 2019
Siemens Healthineers medical products vulnerable to Windows BlueKeep flaw

Several products made by Siemens Healthineers are affected by a recently patched Windows BlueKeep vulnerability (CVE-2019-0708). The BlueKeep issue is a remote code execution vulnerability in Remote Desktop Services (RDS) that it can be exploited by an unauthenticated attacker by connecting to the targeted system via the RDP and sending specially crafted requests. As explained by […]

Pierluigi Paganini May 28, 2019
APT10 is back with two new loaders and new versions of known payloads

The APT10 group has added two new malware loaders to its arsenal and used in attacks aimed at government and private organizations in Southeast Asia. In April 2019, China-linked cyber-espionage group tracked as APT10 has added two new loaders to its arsenal and used it against government and private organizations in Southeast Asia. The group […]

Pierluigi Paganini May 27, 2019
BlueKeep scans observed from exclusively Tor exit nodes

GreyNoise experts detected scans for systems vulnerable to the BlueKeep (CVE-2019-0708) vulnerability from exclusively Tor exit nodes. Microsoft Patch Tuesday updates for May 2019 address nearly 80 vulnerabilities, including an RDS vulnerability dubbed BlueKeep that can be exploited to carry out WannaCry-like attack. The issue is a remote code execution flaw in Remote Desktop Services (RDS) that it can […]

Pierluigi Paganini May 27, 2019
First American Financial exposed 16 years’ worth of personal and financial documents

The US real-estate insurance biz, First American Financial, accidentally leaked customers’ highly personal files online, hundreds of millions of documents. The US real-estate insurance company First American Financial Corp. accidentally leaked hundreds of millions of documents. The company has more than 18,000 employees and brought in more than $5.7 billion in 2018. Roughly 885 million insurance-related documents […]

Pierluigi Paganini May 26, 2019
Sectigo says that most of certificates reported by Chronicle analysis were already revoked

According to Sectigo, most of the certificates used to sign the malware submitted to VirusTotal and issued by the company were expired and were already revoked. This week experts at Chronicle published a study on signed malware registered on VirusTotal that states that most of the digital certificates used to sign malware samples found on […]