Pierluigi Paganini
July 04, 2017
According to experts from Talos, security vulnerabilities in pre-installed software expose Dell systems to code execution attacks. Security vulnerabilities in pre-installed software expose Dell systems to code execution attacks. Hackers can exploit the flaws to disable security mechanisms, escalate privileges and execute arbitrary code within the context of the application user. According to the experts […]
Pierluigi Paganini
July 04, 2017
Today I have the pleasure to interview Mubix “Rob” Fuller (@mubix ) one of the most prominent experts in the hacking community. Rob has over 11 years of experience covering all facets of information security. He has been behind the lines helping to design, build, and defend the US Marine Corps, US Senate, and Pentagon networks […]
Pierluigi Paganini
July 04, 2017
Experts have devised a side-channel attack on RSA secret keys that allowed to crack 1024-bit RSA Encryption in GnuPG Crypto Library. Security researchers have found a critical vulnerability, tracked as CVE-2017-7526, in a Gnu Privacy Guard (aka (GnuPG or GPG) cryptographic library that allowed them cracking RSA-1024 and extract the RSA key to decrypt data. The research team was composed […]
Pierluigi Paganini
July 04, 2017
Researchers at Proofpoint discovered a massive AdGholas Malvertising Campaign infecting as many as 1 million computers per day with several banking trojans. A new massive AdGholas malvertising network discovered by experts at Proofpoint has been infecting as many as 1 million computers per day with several banking trojans. AdGholas operators have been active since 2015, the threat […]
Pierluigi Paganini
July 04, 2017
Researchers from Mandiant found a way to gain root privileges on Lenovo VIBE smartphones by chaining three vulnerabilities. The Lenovo VIBE smartphones were affected by security vulnerabilities that could allow an attacker with physical access to the device to gain root privileges. Researchers from Lenovo confirmed that the vulnerabilities could be exploited only on devices that […]
Pierluigi Paganini
July 03, 2017
Google has notified some employees that they may have been hit by the data breach suffered by travel technology firm Sabre. In May, the Travel Tech Giant Sabre confirmed in a SEC filing it was “investigating an incident involving unauthorized access to payment information contained in a subset of hotel reservations processed through the Sabre Hospitality Solutions SynXis […]
Pierluigi Paganini
July 03, 2017
Security researchers at SEC-Consult found severe vulnerabilities in the German e-government Communication Library OSCI (Online Services Computer Interface). According to the experts at SEC-Consult, the German e-government system OSCI (Online Services Computer Interface) is open to padding oracle attacks and other vulnerabilities due to the use of an insecure communications protocol. The researchers at SEC Consult found severe vulnerabilities […]
Pierluigi Paganini
July 03, 2017
Telegram agrees to register with Russia authorities to avoid the local ban, but the battle is still ongoing because it won’t share user data. The Russian Government threatened to ban Telegram because it refused to comply data protection laws. “There is one demand, and it is simple: to fill in a form with information on […]
Pierluigi Paganini
July 03, 2017
The recent global outbreak of the “NotPetya” malware has some very curious features that have left security officials puzzled. Despite the press coverage, NotPetya is not really a ransomware attack to hold your data hostage. It’s a killbot. Several information security specialists have pointed a finger directly at Moscow; citing circumstantial evidence the source of […]
Pierluigi Paganini
July 02, 2017
The Department of Homeland Security’s (DHS) US Computer Emergency Readiness Team (US-CERT) published the Alert (TA17-181A) on the Petya Ransomware. The US-CERT urges organizations of updating their software and avoiding use unsupported applications and OSs. The US-CERT confirmed it has received multiple reports of Petya ransomware infections related the recent massive attack. The ransomware leverages the ETERNALBLUE […]
