Pierluigi Paganini
February 09, 2018
The source code for Apple iOS iBoot secure bootloader has been leaked to GitHub, now we will try to understand why this component is so important for the iOS architecture. The iBoot is the component loaded in the early stages of the boot sequence and it is tasked with loading the kernel, it is stored in […]
Pierluigi Paganini
February 09, 2018
Swisscom data breach – Telco company Swisscom confirmed it has suffered a data breach that affected roughly 800,000 of its customers, roughly 10% of the Swiss population. Swiss telco company Swisscom confirmed it has suffered a data breach that affected roughly 800,000 of its customers, roughly 10% of the Swiss population. According to Swisscom, unauthorized parties gained access to data in […]
Pierluigi Paganini
February 08, 2018
The US authorities have dismantled a global cybercrime organization tracked Infraud Organization involved in stealing and selling credit card and personal identity data. The US authorities have taken down a global cybercrime organization, the Justice Department announced indictments for 36 people charged with being part of a crime ring specialized in stealing and selling credit […]
Pierluigi Paganini
February 08, 2018
Joomla development team has released the Joomla 3.8.4 that addresses many issues, including an SQL injection bug and three cross-site scripting (XSS) flaws. Joomla development team has released the Joomla 3.8.4 that addresses a large number of issues, including an SQL injection bug and three cross-site scripting (XSS) vulnerabilities. The latest release also includes several improvements. The XSS and SQL injection vulnerabilities have been classified […]
Pierluigi Paganini
February 08, 2018
Intel is releasing new firmware updates that should address Spectre vulnerabilities CVE-2017-5715 for Skylake processors. Intel is releasing new firmware updates limited to Skylake processors to address Spectre vulnerabilities, patches for other platforms are expected very soon. The Spectre attack allows user-mode applications to extract information from other processes running on the same system. It can also be exploited […]
Pierluigi Paganini
February 08, 2018
Researchers from Princeton University have developed an app called PinME to locate and track smartphone without using GPS. The research team led by Prateek Mittal, assistant professor in Princeton’s Department of Electrical Engineering and PinMe paper co-author developed the PinMe application that mines information stored on smartphones that don’t require permissions for access. The data […]
Pierluigi Paganini
February 08, 2018
Cisco has rolled out new security patches for a critical vulnerability, tracked as CVE-2018-0101, in its CISCO ASA (Adaptive Security Appliance) software. At the end of January, the company released security updates the same flaw in Cisco ASA software. The vulnerability could be exploited by a remote and unauthenticated attacker to execute arbitrary code or trigger […]
Pierluigi Paganini
February 07, 2018
The Autosploit hacking tool was developed aiming to automate the compromising of remote hosts both by collecting automatically targets as well as by using Shodan.io API. Users can define its platform search queries like Apache, IIS and so forth to gather targets to be attacked. After gathering the targets, the tool uses Metasploit modules of its […]
Pierluigi Paganini
February 07, 2018
Adobe rolled out an emergency patch that fixed two critical remote execution vulnerabilities, including the CVE-2018-4878 flaw exploited by North Korea. Adobe has rolled out an emergency patch to address two Flash player vulnerabilities after North Korea’s APT group was spotted exploiting one of them in targeted attacks. Last week, South Korea’s Internet & Security […]
Pierluigi Paganini
February 07, 2018
Security researcher Sean Dillon ported three NSA-linked exploits, EternalSynergy, EternalRomance, and EternalChampion, to the Metasploit platform. The security researcher at RiskSense Sean Dillon (@zerosum0x0) ported the Rapid7 Metasploit three hacking tools supposedly stolen from the NSA-linked Equation Group. The researcher modified the exploits to use them also against latest windows versions and merged them into the Metasploit […]
Cyber Crime / December 08, 2025
