Pierluigi Paganini
May 08, 2018
Recently security experts discovered two critical vulnerabilities in the Drupal CMS (CVE-2018-7600 and CVE-2018-7602), and cybercriminals promptly attempted to exploit them in the wild. The hackers started using the exploits for the above vulnerabilities to compromise drupal installs, mostly cryptocurrency mining. It has been estimated that potentially over one million Drupal websites are vulnerable to cyber attacks […]
Pierluigi Paganini
May 08, 2018
Security researchers at VPNMentor conducted a comprehensive assessment on of a number of GPON home routers and discovered a Critical remote code vulnerability that could be exploited to gain full control over them. The researchers have found a way to bypass the authentication to access the GPON home routers (CVE-2018-10561). The experts chained this authentication bypass flaw with another command […]
Pierluigi Paganini
May 07, 2018
The latest variant of the SynAck ransomware now includes a number of novel and complex anti-detection techniques, including one that was only made published by security researchers in December 2017. When it originally appeared on the scene, SynAck ransomware didn’t seem unique or outstanding. It was marginally effective, but it wasn’t going to force enterprises […]
Pierluigi Paganini
May 07, 2018
Some Chrome users are reporting freezes and timeouts after the installation of the Windows 10 April Update, let’s see what has happened After the installation of Windows 10 April Update I observed continuous freezes while using the Chrome browser with one of my PCs, in some cases, I was not able to reach the websites […]
Pierluigi Paganini
May 06, 2018
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online Kindle Edition Paper Copy Once again thank you! · 90% of the SAP customers exposed to hack due to 13 Year-Old configuration […]
Pierluigi Paganini
May 06, 2018
Last week, Google announced the release of an open-source framework and an SDK dubbed ‘Asylo’ that allows developers to build applications targeting trusted execution environments. The Asylo framework makes it easy to protect the confidentiality and integrity of applications and data in an isolated, confidential computing environment. The framework leverages trusted execution environments (TEEs) that implements specialized execution […]
Pierluigi Paganini
May 06, 2018
Last week, the European Central Bank has published the European framework for testing financial sector resilience to cyber attacks. The framework aims to simulate the effects of cyber attacks on critical systems in the banking industry in the European Union. The move is the response to the numerous cyberheists that hit the financial industry in the past […]
Pierluigi Paganini
May 05, 2018
The Pentagon is ordering retail outlets on US military bases to stop selling Huawei and ZTE products due to unacceptable security risk they pose. Smartphones manufactured by Chinese firms Huawei and ZTE are banned by US Military, the decision was taken by the Pentagon. The Pentagon is ordering retail outlets on US military bases to stop selling […]
Pierluigi Paganini
May 05, 2018
A group of security researchers has reportedly discovered 8 new varieties of the Spectre vulnerabilities, dubbed Spectre-Next Generation or Spectre-NG, that affect Intel CPUs. A German security website reported that an unnamed team of researchers has discovered the new flaws that exploit the new issues reported in the original Spectre and Meltdown attacks. The new eight Spectre-NG vulnerabilities in Intel CPUs also affect some ARM […]
Pierluigi Paganini
May 05, 2018
Cybercriminals are targeting Airbnb users with phishing emails that urge the compliance with the new privacy regulation General Data Protection Regulation (GDPR). The upcoming General Data Protection Regulation (GDPR) privacy laws threaten with severe penalties to demand personal information from Airbnb users. The interest on the subject is very high among professionals and companies operating in various […]
