Pierluigi Paganini
April 20, 2017
The implementation of the NIST CyberSecurity Framework is of vital importance for the changes taking place in the landscape of zero-day threats The NIST CyberSecurity Framework is a guide for businesses and enterprises of good practices for information security. The NIST CyberSecurity Framework proposes a guide, which can adapt to each enterprise e for different […]
Pierluigi Paganini
April 20, 2017
Symantec observed the Hajime IoT malware leaving a message on the devices it infects, is it the work of a cyber vigilante? The Mirai botnet is the most popular thingbot, it is targeting poorly configured and flawed âInternet of Thingsâ devices since August 2016, when the threat was first discovered by the researcher MalwareMustDie. Many other bots threaten […]
Pierluigi Paganini
April 19, 2017
Oracle patch update for April 2017 fixed a record number of vulnerabilities, including Apache Struts and Shadow Brokers exploits. Oracle has released security updates to fix flaws in its product, including Apache Struts and a Solaris exploit included in a dump leaked by the Shadow Brokers hackers and containing NSA documents and hacking tools. The Oracle patch update […]
Pierluigi Paganini
April 19, 2017
A critical vulnerability affects the Drupal References module that is used by hundreds of thousands of websites using the popular CMS. The Drupal security team has discovered a critical vulnerability in a third-party module named References. The Drupal team published a Security advisory on April 12 informing its users of the critical flaw. The flaw has a huge impact on […]
Pierluigi Paganini
April 19, 2017
The InterContinental Hotels Group announced that last week payment card systems at more than 1,000 of its hotels had been compromised by crooks. The multinational hotel chain owns prestigious brands like Holiday Inn and Crowne Plaza. This is the second time that the InterContinental Hotels Group suffers a credit card breach, early this year the hotel chain […]
Pierluigi Paganini
April 19, 2017
The Chinese security Xudong Zheng is warning of Homograph Phishing Attacks are “almost impossible to detect” also to experts. The Chinese security researcher Xudong Zheng has devised a phishing technique that is “almost impossible to detect.” Hackers can exploit a known vulnerability in the popular web browsers Chrome, Firefox and Opera to display to the […]
Pierluigi Paganini
April 18, 2017
Experts at Recorded Future have discovered a cheap RaaS, the Karmen Ransomware that deletes decryptor if detects a sandbox. Security experts from threat intelligence firm Recorded Future have spotted a new ransomware as a service (RaaS) called Karmen. The service allows customers to easy create their ransomware campaign in a few steps and without specific skills. Wannabe-crooks […]
Pierluigi Paganini
April 18, 2017
It started quietly as a probability not a reality. Now within months cyberwarfare has become a reality plausible as the air we breathe. The revelation of governments hacking units has brought light for a new domain of conflict: Cyberwarfare. Once a secret these government agencies were public revealed like the Equation Group as well as […]
Pierluigi Paganini
April 18, 2017
Security researchers who analyzed the documents and hacking tools included in the last Shadow Brokers dump found a link to the Stuxnet virus. On Friday, the Shadow Brokers leaked a new bunch of files belonging to the alleged NSA arsenal. Security researchers who analyzed the documents and hacking tools included in the last dump have […]
Pierluigi Paganini
April 18, 2017
CradleCore ransomware is a malware offered in the underground as a source code, instead of the classic ransomware-as-a-service (RaaS) model. According to the experts at Forcepoint, the author is offering the malware in many Tor-based crime forums as source code allowing crooks to request a customized version of the code. The CradleCore ransomware is offered by the author as a […]
