
DarkHotel APT uses VPN zero-day in attacks on Chinese government agencies

Security Affairs

Chinese security firm Qihoo 360 has uncovered a hacking campaign conducted by the DarkHotel APT group (APT-C-06) aimed at Chinese government agencies in Beijing and Shanghai. “Recently, Qihoo 360 captured malicious samples issued through hijacked security services of a domestic VPN vendor SangFor. are vulnerable.


Microsoft warns of attacks delivering FlawedAmmyy RAT directly in memory

Security Affairs

FlawedAmmyy RAT allows stealing sensitive data from infected systems and exfiltrating files. pic.twitter.com/PQ2g7rvDQm — Microsoft Security Intelligence (@MsftSecIntel) June 21, 2019. wsus.exe decrypts and runs the final payload directly in memory.


Google outages in Eastern US affected Gmail, G-Suite, YouTube, and more

Security Affairs

I discovered the problem because I was not able to access Analytics data for my blog. We will provide an update by Sunday, 2019-06-02 16:00 US/Pacific.”


Security Affairs - Untitled Article

Security Affairs

Tesla paid $10,000 to a researcher who found a stored cross-site scripting (XSS) vulnerability that could have been exploited to change vehicle information. He discovered that some information about the vehicle was collected from a page of the Tesla application that was used to see the vital statistics of the car. Pierluigi Paganini.


Zero-day vulnerability in Android OS yet to be patched

Security Affairs

” reads the security advisory published by ZDI. ” The vulnerability resides in the way the Video for Linux (V4L2) driver handles input data; it could be exploited by an attacker to elevate permissions to kernel level. Pierluigi Paganini.


Brazilian trojan banker is targeting Portuguese users using browser overlay

Security Affairs

New variants have been observed since at least 2014, with minor changes and with the objective of collecting the bank details of the victims. Afterward, the malware runs on the compromised machine, collecting sensitive data from browsers, including credentials for accessing bank portals. Trojan banker (2nd stage).


Is Emotet gang targeting companies with external SOC?

Security Affairs

First of all, the attacker knew the target organization was protected by a SOC (Security Operation Center), so she sent a well-crafted email claiming to deliver a Microsoft document wrapping the weekly SOC report, presented as a normal activity, in order to induce the victim to open it. SOC report 10 12 2019.doc Technical Analysis. Conclusion.