Latest Entries »

We found a Remote Code Execution vulnerability in mIRC through the irc:// URI protocol handler. Earlier this year, we were reading about an article by ZDI discussing a string of vulnerabilities in Electron-based products related to the use of a custom URI scheme on Windows. View full article »

Soon millions of Europeans will head to the polls to cast their ballots in the European Parliament elections, as well as several key national elections. We believe it’s critical that organizations underpinning the democratic process have access to state-of-the-art cybersecurity protection as we’ve seen and continue to see efforts by nation-states and others to influence elections in democracies around the world including in Europe. View full article »

Welcome to our first release of 2019, Kali Linux 2019.1, which is available for immediate download. This release brings our kernel up to version 4.19.13, fixes numerous bugs, and includes many updated packages. View full article »

Between January and February, a new, intense, ransomware campaign have been observed by many security firms. It spreads Shade/Treshold variants, one of the most dangerous threats in the cyber crime scenario, known since its massive infection into the Russian panorama back in 2015, its expansion has been tracked by several CSIRTs and CERTs all across the world. View full article »

With the present Yoroi wishes to inform you about a dangerous campaign of attack in progress in recent days against Italian organizations. The attacks are characterized by the abuse of email communications that actually occurred between victims and e-mail addresses that send infected e-mails. This modus operandi has already been detected during various waves of Ursnif attack campaigns during 2018, reported in the Early Warning bulletins N010518 , N040318 , N040618 and N040718 .
View full article »

With so much of our information (including incredibly personal data) being found online, cybersecurity is of the utmost importance. So just where in the world are you cyber safe – if anywhere? View full article »

Over the last few days, a phishing campaign from DHL and entitled “DHL Shipment Notification” has been targeted users worldwide. Muncy is the name dubbed by SI-LAB that analyzed this threat. Now, the malware is targeting user’s worldwide and has been spread via phishing campaigns. View full article »

This blog post details how a combination of a Path Traversal and Local File Inclusion vulnerability lead to Remote Code Execution in the WordPress core. The vulnerability remained uncovered in the WordPress core for over 6 years. View full article »

Bemidji, Minnesota, February 15, 2019 – North Country Business Products, Inc. (“North Country”), today announced that a recent data security incident may have resulted in unauthorized access to payment information of some consumers who used credit and debit cards at its business partner restaurants between January 3, 2019, and January 24, 2019. North Country engaged professionals who have corrected the issue. View full article »


The East Security CTI Organization Security Response Center (ESRC) identified the latest Intelligent Sustainable Threat (APT) campaigns conducted by state-sponsored Actors. The group is widely known as the so-called Lazarus, and on September 6, 2018, the US Justice Department filed an indictment in the Federal Court of Los Angeles on charges of hacking Sony Pictures Pictures USA, bank hacking in Bangladesh, , View full article »