Pierluigi Paganini
April 13, 2017
SAP has issued a security patch for the SAP TREX search engine that addresses also a two-years old critical vulnerability. SAP has issued a security patch for the SAP TREX search engine that addresses multiple vulnerabilities discovered by the experts in a 2015 patch released in December 2015. The SAP TREX search engine is used […]
Pierluigi Paganini
April 13, 2017
Hackers exploited the CVE-2014-9222 flaw, also known as ‘Misfortune Cookie’, to hack thousands of home routers and abuse them for WordPress attacks. According to the experts at the security firm Wordfence tens of thousands, of home routers have been hacked and used to power cyber attacks on WordPress websites. The security firm observed a spike in […]
Pierluigi Paganini
April 13, 2017
A group of researchers has demonstrated that attackers can steal PINs and Passwords capturing data from smartphone sensors. Modern mobile devices are full of sensors (i.e. GPS, Camera, microphone, accelerometer, magnetometer, proximity, gyroscope, pedometer, and NFC) that could be exploited by hackers to gather data about owner’s activities? A group of researchers from Newcastle University demonstrated that […]
Pierluigi Paganini
April 12, 2017
The security expert Matthew Hickey has discovered two tools dubbed EXTREMEPARR and EBBISLAND which were specifically designed to target Solaris systems. After the mysterious Shadow Brokers group has leaked the archive containing the stolen NSA hacking tools and exploits, security experts started analyzing the huge trove of data. Experts discovered that NSA operators developed an attack […]
Pierluigi Paganini
April 12, 2017
Today Microsoft Patch Tuesday fixed the zero-day Word vulnerability that has been actively exploited in attacks in the wild. Microsoft today patched the zero-day Word vulnerability that has been exploited in attacks in the wild. Just yesterday I wrote about a phishing campaign leveraging the flaw to deliver the Dridex banking Trojan. Microsoft published security […]
Pierluigi Paganini
April 12, 2017
Experts at IBM X-Force security firm warn of a new Mirai Botnet implementing Bitcoin crypto-currency mining capabilities. The Mirai botnet was first spotted in august 2016 by the security researcher MalwareMustDie, it was specifically designed to compromise vulnerable or poorly protected IoT. Once Mirai malware compromises an IoT device it recruits it into a botnet primarily used for […]
Pierluigi Paganini
April 11, 2017
The Open Web Application Security Project (OWASP) presented the first release candidate for the 2017 OWASP Top 10, it includes 2 new categories. This week the Open Web Application Security Project (OWASP) presented the first release candidate for the 2017 OWASP Top 10, the principal novelty is the presence of two new vulnerability categories. The […]
Pierluigi Paganini
April 11, 2017
Presented the voluntary, non-binding norms of State behavior during peacetime in the G7 DECLARATION ON RESPONSIBLE STATES BEHAVIOR IN CYBERSPACE. The risk of escalation and retaliation in cyberspace, the increasing number of cyber attacks and cyber threats even more sophisticated could have a destabilizing effect on international peace and security. The risk of conflict between states […]
Pierluigi Paganini
April 11, 2017
Millions of people were targeted by a phishing campaign exploiting a Microsoft Word 0day and aimed to spread the Dridex Banking Trojan. Recently security experts from firms McAfee and FireEye warned of a Microsoft Word zero-day exploited by attackers in the wild. Just opening an MS Word document could put Windows users at risk, the exploitation of the flaw could […]
Pierluigi Paganini
April 11, 2017
Symantec reportedly linked the CIA hacking tools to several cyber attacks powered over the years by the Longhorn group. Security experts analyzed the alleged CIA hacking tools included in the Vault 7 dump that have been used against at least 40 governments and private organizations across 16 countries. Researchers at company firm Symantec reportedly linked the CIA […]
Cyber Crime / December 09, 2025
Cyber Crime / December 08, 2025
