A new type of cryptojacking (cryptomining) worm has been detected in the wild. This cryptojacking worm is using vulnerable Docker hosts to spread, which is something rarely seen in malware attacks. Dubbed Graboid, the worm has spread to more than…
La storia che segue può essere descritto come un “hackerare gli hacker” tipo di storia. Apparentemente, uno dei più grandi negozi sotterranei per l'acquisto di dati di carte di credito rubate in sé è stato violato. Di conseguenza, più di 26 milioni di credito e…
Pitney Bowes, un attrezzature e servizi mailing società con sede a Stamford, Connecticut, è stata colpita da ransomware. L'azienda dice che nessun dato dei clienti è stata compromessa durante l'attacco. Secondo il comunicato ufficiale, l'azienda ha registrato un “interruzione”…
Security researchers reported the discovery of six serious vulnerabilities in WordPress. le vulnerabilità’ impact has been rated as “high”, meaning that patching as soon as possible is highly advisable. Six WordPress Vulnerabilities Fixed in WordPress 5.2.4 According to Symantec’s security…
CVE-2.019-14.287 è una nuova vulnerabilità scoperta in Sudo. Sudo è considerato uno dei programmi più importanti e ampiamente utilizzati per Unix- e basato su Linux i sistemi operativi che consente a un utente autorizzato di eseguire un comando come super utente o di un altro…
Secondo una nuova ricerca, Apple is sharing some browsing history with China. Più specificamente, the company is sending some browsing history of iOS 13 Safari users to Tencent Holdings Limited, a Chinese multinational conglomerate. Tencent specializes in various…
How educated are Americans on the various cybersecurity topics? The conclusion is, not enough. According to the results of a new Pew Research Center survey, 55% of Americans couldn’t identify what 2FA is. Quel che è peggio, appena 30% of surveyed…
An unknown hacking group has been found to exploit Apple’s iTunes and iCloud programs in order to deploy ransomware. This is possible by using a zero-day vulnerability which allows the criminals to implant the malicious code without alerting any installed…
CVE 2019-1166 and CVE-2019-1338 are two vulnerabilities in Microsoft’s NTLM authentication protocol which were discovered by Preempt researchers. Per fortuna, both flaws were patched by Microsoft in October 2019 Patch Martedì. Attackers could exploit the flaws to achieve full domain compromise.…
iTerm2, a well-known open-source terminal emulator macOS app, has been found vulnerable to e critical flaw, which is known as CVE-2019-9535. The flaw was discovered during an audit sponsored by Mozilla, the company behind the Firefox browser. As for the…
SVE-2019-15435 is one of 21 vulnerabilities in Samsung devices which affect Galaxy S8, S9, S10, S10e, S10 Plus, S10 5G, Nota 9, Nota 10 and Note 10 Plus users. SVE-2019-15435 in particular is a critical issue, which is described as…
Webroot has released a new threat report which sums up what has been happening in the malware sector so far in 2019. The report is described as a “mid-year update to the annual Webroot Threat Report” and it showcases data…
A dangerous new hacking collective known as Mustang Panda is leveraging macro-infected documents to target users worldwide. The large-scale campaign appears to be against both public and private sectors. At the moment there is no information available about the intentions…
Hacking groups have been found to use outdated VPN software and specific exploits found in them to spy on the victims. This is according to several reports from government security agencies. This is particularly dangerous as the criminal collectives can…
LiLocked ransomware, also known as LiLu, is once again active in campaigns, this time affecting thousands of web servers. This is a new strain of the LiLocked ransomware which we wrote about in July this year. LiLocked Ransomware Currently Targeting…
