Breaking News

Pierluigi Paganini March 13, 2017
The CVE-2017-5638 Apache Struts 2 command execution flaw affects Cisco products

On Friday, Cisco confirmed that at least some of its products are affected by an Apache Struts 2 command execution vulnerability tracked as CVE-2017-5638. The CVE-2017-5638 remote code execution zero-day has been exploiting by attackers in the wild, it affects Struts 2.3.5 through 2.3.31 and Struts 2.5 through 2.5.10. According to the experts from Cisco Talos, the […]

Pierluigi Paganini March 13, 2017
Michael Hastings crash, incident or assassination? New doubts after Wikileaks Vault 7 leak

Was Michael Hastings a victim of the CIA hacking tools? Wikileaks Vault 7 data leak reveals the ability of the Agency of car hacking. This is the story of the mysterious death of Michael Hastings, an American journalist, who rose to prominence with his coverage of the Iraq War for Newsweek in the 2000s. But to better […]

Pierluigi Paganini March 13, 2017
CHIPSEC, Intel Security releases detection tool also for CIA EFI rootkits

After CIA leak, Intel Security releases CHIPSEC, a detection tool for EFI rootkits that detect rogue binaries inside the computer firmware. A few days ago, WikiLeaks announced it is working with software makers to fix the zero-day flaws in Vault7 dump that impacted their products and services. The organization is sharing information on the hacking tools […]

Pierluigi Paganini March 12, 2017
Security Affairs newsletter Round 103 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. First of all, let me inform you that at the #infosec16 SecurityAffairs was awarded as The Best European Personal Security Blog http://securityaffairs.co/wordpress/48202/breaking-news/securityaffairs-best-european-personal-security-blog.html ·        Metasploit team released Metasploit Vulnerable Services Emulator ·        Security Affairs newsletter Round 102 – News of […]

Pierluigi Paganini March 12, 2017
ELF_IMEIJ, a new Linux malware is spreading in the wild

Security experts from Trend Micro discovered a new family of Linux malware, tracked as ELF_IMEIJ, targeting AVTech surveillance devices. Security experts from Trend Micro discovered a new family of Linux malware that is targeting products from surveillance technology company AVTech exploiting a CGI vulnerability that was disclosed in 2016. According to Trend Micro, the flaw was […]

Pierluigi Paganini March 11, 2017
Danish-speaking users hit by malware spread via Dropbox links

Danish-speaking users were infected by malware spread through Dropbox, but the company quickly adopted the countermeasures to stop the attack. According to the experts from security firm AppRiver, Danish-speaking users were hit by an unusual malware-based attack. The attack hit Denmark, Germany, and several surrounding Scandinavian countries on Wednesday morning. Danish-speaking users were infected by malware spread through […]

Pierluigi Paganini March 11, 2017
Check Point experts spotted pre-Installed Android Malware on 38 Android devices

Experts discovered pre-installed malware on 38 high-end smartphone models belonging to popular manufacturing companies such as Samsung, LG, Xiaomi and Asus. In the past, security experts have already reported cases of pre-installed malware on mobile devices. In September 2015, security experts at G-Data security firm discovered new cases of Chinese Android mobile devices infected by […]

Pierluigi Paganini March 11, 2017
WikiLeaks is working with software makers on Zero-Days included in the Vault7 dump

WikiLeaks announced is working with software makers on Zero-Days by sharing information on the hacking tools included in the Vault7 dump with them. WikiLeaks announced on Tuesday that it has obtained thousands of files allegedly originating from a high-security network of the U.S. Central Intelligence Agency (CIA). The Wikileaks dump, called “Vault7,” exposed the hacking […]

Pierluigi Paganini March 10, 2017
Ennetcom – Dutch Police confirmed to have decrypted BlackBerry PGP messages in a criminal case

The Dutch police decrypted a number of PGP messages sent by crooks through their BlackBerry mobile devices for the criminal investigation on Ennetcom. PGP is an open source end-to-end encryption standard that can be used to sign emails, files, documents, or disk partitions. On April 2016, the Dutch Police arrested a 36-year-old man on suspicion […]

Pierluigi Paganini March 10, 2017
CIA replies to WikiLeaks Vault7 Leak, it is operating to protect Americans

WikiLeaks Vault7 – CIA pointed out that its mission is to “aggressively collect” foreign intelligence from overseas entities. The U.S. Central Intelligence Agency (CIA) has issued an official statement in response to the Wikileaks Vault7 Data leak. The US intelligence agency denies conducting a large-scale surveillance on its citizens. According to an unnamed U.S. officials quoted […]