Facebook has announced that they are shutting down access to the « Partner Categories » targeting feature for Facebook advertisers. Partner Categories is a product that allowed Facebook advertisers to directly target the social site’s users based on data provided by third-party providers, rather than from data compiled directly by Facebook. According […]
20 HACKERS ARRESTED IN EUR 1 MILLION BANKING PHISHING SCAM
Criminals faked emails from tax authorities to defraud bank customers across Italy and Romania out of EUR 1 million A two-year long cybercrime investigation between the Romanian National Police and the Italian National Police, with the support of Europol, its Joint Cybercrime Action Taskforce (J-CAT) and Eurojust, has led to the arrest of […]
Drupal Fixes Drupalgeddon2 Security Flaw That Allows Hackers to Take Over Sites
The Drupal CMS team has fixed a highly critical security flaw that allows hackers to take over a site just by accessing an URL. Drupal site owners should immediately —and we mean right now— update their sites to Drupal 7.58 or Drupal 8.5.1, depending on the version they’re running. […]
New ThreadKit exploit builder used to spread banking Trojan and RATs
A recently discovered Microsoft Office document exploit builder kit dubbed ThreadKit has been used to spread a variety of malware, including RATs and banking Trojans. Security experts at Proofpoint recently discovered a Microsoft Office document exploit builder kit dubbed ThreadKit that has been used to spread a variety of malware, including banking […]
Cisco Removes Backdoor Account from IOS XE Software
isco removed today a backdoor account from its IOS XE operating system that would have allowed a remote attacker to log into Cisco routers and switches with a high-privileged account. The company says the « undocumented user account » only impacts devices running Cisco XE Software 16.x —an operating system deployed mostly […]
Boeing Is Dealing With a Suspected WannaCry Ransomware Outbreak
In a baffling turn of events, computers at Boeing have allegedly been infected with the WannaCry Ransomware. According to the Seattle Times, a memo was sent out by a Boeing employee that states that systems have been affected and that their were concerns the ransomware would « spread to airplane software ». The Seattle Times reports that […]
Meltdown Patch Opened Bigger Security Hole on Windows 7
Microsoft’s Meltdown patch has opened an even bigger security hole on Windows 7, allowing any user-level application to read content from the operating system’s kernel, and even write data to kernel memory. Swedish IT security expert Ulf Frisk made the discovery earlier this month while working on PCI Leech, a device […]
Hajime Botnet Makes a Comeback With Massive Scan for MikroTik Routers
If you’ve been following the infosec Twitter community for the last few days, you couldn’t ignore the constant talk about the massive scans currently taking place online, carried out by a Hajime IoT botnet looking to mass-infect unpatched MikroTik devices. All of the hoopla started on Sunday, March 25, when […]
BranchScope is a new side-channel attack method against Intel chip
BranchScope is a new side-channel attack technique that like Meltdown and Spectre attacks can be exploited by an attacker to obtain sensitive information from vulnerable processors. A group of researchers from the College of William & Mary, University of California Riverside, Carnegie Mellon University in Qatar, and Binghamton University has discovered […]
VPN leaks users’ IPs via WebRTC. I’ve tested seventy VPN providers and 16 of them leaks users’ IPs via WebRTC (23%)
Cyber security researcher Paolo Stagno (aka VoidSec) has tested seventy VPN providers and found 16 of them leaks users’ IPs via WebRTC (23%) You can check if your VPN leaks visiting: http://ip.voidsec.com Here you can find the complete list of the VPN providers that I’ve tested: https://docs.google.com/spreadsheets/d/1Nm7mxfFvmdn-3Az-BtE5O0BIdbJiIAWUnkoAF_v_0ug/edit#gid=0 Add a comment or send me […]