Pierluigi Paganini
September 20, 2016
The OpenSSL Project announced early this week that it will release as soon as possible updates to that patch multiple vulnerabilities. One of the flaws that affect the popular toolkit has a “high” severity. The Project plans to release OpenSSL versions 1.1.0a, 1.0.2i and 1.0.1u next Thursday. The OpenSSL Project confirmed that the security updates that will […]
Pierluigi Paganini
September 19, 2016
Security experts from the cyber threat intelligence firm Blueliv have published a report on the banking Trojan Vawtrak v2 its criminal ecosystem. Security experts from the cyber threat intelligence firm Blueliv have conducted a technical investigation on the banking Trojan Vawtrak v2 and activities of the cybercriminal groups behind the threat. Vawtrak is a threat that has been […]
Pierluigi Paganini
September 19, 2016
Two researchers have analyzed images Exif metadata included in the photos used by crooks to advertise their products on black marketplaces in the dark web. Darknets are a privileged environment for crooks that intend to develop a prolific business protecting their anonymity, anyway, there are several aspects that they need to consider in order to […]
Pierluigi Paganini
September 19, 2016
Cisco revealed the existence of another zero-day vulnerability, tracked as CVE-2016-6415, in the Equation Group archive leaked by the Shadow Broker hackers. This summer a group of hackers known as Shadow Brokers hacked into the arsenal of the NSA-linked group Equation Group and leaked roughly 300 Mb of exploits, implants, and hacking tools. The existence of the […]
Pierluigi Paganini
September 19, 2016
The National Institute of Standards and Technology (NIST) has issued a draft of a self-assessment tool named Baldrige Cybersecurity Excellence Builder. The tool is based on the Baldrige Performance Excellence Program and the risk management mechanisms of NIST cybersecurity framework. The Baldrige Cybersecurity Excellence Builder was designed to help enterprises to measure the effectiveness of their implementation of the […]
Pierluigi Paganini
September 18, 2016
Two security researchers have developed an undetectable PLC rootkit that will present at the upcoming Black Hat Europe 2016. The energy industry is under unceasing attack, cyber criminals, and state-sponsored hackers continue to target the systems of the companies in the sector. The Stuxnet case has demonstrated to the IT community the danger of cyber attacks, […]
Pierluigi Paganini
September 18, 2016
Mozilla plans to fix the cross-platform RCE flaw that threatened Tor anonymity. The flaw affects certificate pinning protections implemented by Mozilla. Mozilla plans to release a Firefox update to address the cross-platform remote code-execution vulnerability recently patched in the Tor browser. The tor is inviting its users to install the security update urgently, and Mozilla follows close […]
Pierluigi Paganini
September 18, 2016
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. First of all let me inform you that at the #infosec16 SecurityAffairs was awarded as The Best European Personal Security Blog http://securityaffairs.co/wordpress/48202/breaking-news/securityaffairs-best-european-personal-security-blog.html THANK YOU! LuaBot is the first Linux DDoS botnet written in Lua Language Security Affairs newsletter Round […]
Pierluigi Paganini
September 18, 2016
The British intelligence agency GCHQ is planning to create to protect the country from cyber attacks by creating a national firewall. The news was announced, during the Billington CyberSecurity Summit held in Washington DC, by the GCHQ director general of cyber security Ciaran Martin. The British GCHQ recently created the National Cyber Security Centre, led by Martin, that has […]
Pierluigi Paganini
September 17, 2016
Hacking Facebook – An Indian researcher discovered a critical vulnerability in the Facebook business manager that could be exploited to hack any Page. The Indian security researcher Arun Sureshkumar reported a critical vulnerability in the Facebook business manager that could be exploited by attackers to hack any Facebook page. The Business Manager is the component […]
