Security new

Pierluigi Paganini May 04, 2020
DHS CISA alert provides recommendations on securing Office 365 installs

The US DHS CISA agency issued a new alert that includes recommendations on how organizations should properly secure Microsoft Office 365 installs. The current COVID-19 pandemic is pushing organizations to adopt a growing number of cloud-based services, for this reason, the DHS CISA published a new alert that provides recommendations to secure Office 365 deployments. […]

Pierluigi Paganini March 19, 2020
Pwn2Own 2020 Day1 -researchers earned $180K for hacking Windows, Ubuntu, and macOS

During the first day of the Pwn2Own 2020 hacking competition, participants earned a total of $180,000 for exploits targeting Windows 10, Ubuntu Desktop and macOS. The Coronavirus outbreak hasn’t stopped the Pwn2Own hacking conference, for the first time its organizer, the Zero Day Initiative (ZDI), has decided to arrange the event allowing the participants to […]

Pierluigi Paganini March 07, 2020
EVRAZ operations in North America disrupted by Ryuk ransomware

Computer systems at EVRAZ, a multinational vertically integrated steel making and mining company, have been hit by Ryuk ransomware. EVRAZ is one of the world’s largest multinational vertically integrated steel making and mining companies with headquarters in London. The company operates mainly in Russia, but also in Ukraine, Kazakhstan, Italy, Czech Republic, the United States, […]

Pierluigi Paganini March 07, 2020
CVE-2019-0090 flaw affects Intel Chips released in the last 5 years

A new vulnerability, tracked as CVE-2019-0090, affects all Intel chips that could allow attackers to bypass every hardware-enabled security technology. Security experts from Positive Technologies warn of a new vulnerability, tracked as CVE-2019-0090, that affects all Intel processors that were released in the past 5 years. The flaw is currently defined as unpatchable and could […]

Pierluigi Paganini March 07, 2020
Travel leisure company Carnival Corporation discloses data breach

The world’s largest travel leisure company Carnival Corporation discloses a data breach that took place last year and which exposed the personal information of its customers. Carnival Corporation, the world’s largest travel leisure company, discloses a data breach that took place in 2019. The company is informing customers of the incident, a third-party gained unauthorized access […]

Pierluigi Paganini March 03, 2020
Experts warn of mass scans for Apache Tomcat Ghostcat flaw

Experts warn of ongoing scans for Apache Tomcat servers affected by the Ghostcat flaw that could allow attackers to take over servers. Security experts are warning of ongoing scans for Apache Tomcat servers affected by the recently disclosed Ghostcat vulnerability CVE-2020-1938. The flaw affects all versions of Apache Tomcat, it could be exploited by attackers […]

Pierluigi Paganini February 22, 2020
Joker malware still able to bypass Google Play Store checks

The infamous Joker malware has found a way to bypass the security checks to be published in the official Play Store, new clicker was found by experts. The fight to the Joker malware (aka Bread) begun in September 2019 when security experts at Google removed from the official Play Store 24 apps because they were […]

Pierluigi Paganini January 20, 2020
JhoneRAT uses Google Drive, Twitter, ImgBB, and Google Forms to target countries in Middle East

Researchers from Cisco Talos discovered a new Trojan named JhoneRAT that was used in targeted attacks against entities in the Middle East. A new Trojan named JhoneRAT appeared in the threat landscape, it is selectively attacking targets in the Middle East by checking keyboard layouts. The malware targets a very specific set of Arabic-speaking countries, […]

Pierluigi Paganini December 14, 2019
A malvertising campaign targets iPhone users with Krampus-3PC

A malvertising campaign that involved more than 100 publisher websites targeted iPhone users to deliver the Smart Krampus-3PC Malware. According to The Media Trust’s Digital Security & Operations (DSO) team, iPhone users have been targeted by a malvertising campaign that has impacted more than 100 publisher websites, including online newspapers and international weekly news magazines. […]