Pierluigi Paganini
February 04, 2021
Cisco addressed multiple pre-auth remote code execution (RCE) flaws in small business VPN routers that allow executing arbitrary code as root. Cisco has fixed several pre-auth remote code execution (RCE) issues in multiple small business VPN routers. The flaws could be exploited by unauthenticated, remote attackers to execute arbitrary code as root on vulnerable devices. […]
Pierluigi Paganini
February 03, 2021
Researchers from TIM’s Red Team Research (RTR) discovered 2 new zero-day vulnerabilities in WordPress Plugin Limit Login Attempts Reloaded Italy also joins the security bug research, with the Red Team Research laboratory of TIM, an important Italian telecommunications company. Among the team’s objectives is to detect the vulnerabilities that a potential attacker could exploit to […]
Pierluigi Paganini
February 03, 2021
Alleged China-linked hackers have exploited a flaw in the SolarWinds Orion software to hack systems at the U.S. National Finance Center. FBI investigators discovered that allegedly China-linked hackers have exploited a flaw in the SolarWinds Orion software to break into the systems of the U.S. National Finance Center. The National Finance Center is a federal […]
Pierluigi Paganini
February 03, 2021
Experts warn that the recently discovered heap-based buffer overflow bug in Linux SUDO also impacts the latest version of Apple macOS Big Sur. Recently Qualys researchers found a Sudo vulnerability, tracked as CVE-2021-3156, that has allowed any local user to gain root privileges on Unix-like operating systems without authentication. Sudo is one of the most important, powerful, […]
Pierluigi Paganini
February 02, 2021
CloudSEK has discovered a post on a well-known database sharing forum advertising the PII of 500,000 Indian citizens. While the threat actor does not mention the name of an organization, the data provided in the sample is clearly associated with a police exam conducted on 22 Dec 2019. Discovery of the leak CloudSEK’s proprietary risk […]
Pierluigi Paganini
February 02, 2021
Ransomware operators are exploiting two VMWare ESXi vulnerabilities, CVE-2019-5544 and CVE-2020-3992, to encrypt virtual hard disks. Security experts are warning of ransomware attacks exploiting two VMWare ESXi vulnerabilities, CVE-2019-5544 and CVE-2020-3992, to encrypt virtual hard disks. According to ZDNet, threat actors are using VMWare ESXi exploits to encrypt the disks of virtual machines deployed in […]
Pierluigi Paganini
February 02, 2021
The U.S. CISA reveals that many of the victims of the SolarWinds hackers had no direct connection to SolarWinds. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed that many of the organizations targeted by SolarWinds hackers had not direct link to the supply chain attack. “While the supply chain compromise of SolarWinds first highlighted […]
Pierluigi Paganini
February 01, 2021
Experts uncovered a new supply chain attack leveraging the update process of NoxPlayer, a free Android emulator for PCs and Macs. UPDATE (February 3rd, 2021): Following the publication of our research, BigNox have contacted us to say that their initial denial of the compromise was a misunderstanding on their part and that they have since […]
Pierluigi Paganini
February 01, 2021
Researchers from the security firm NCC Group warn of the exploitation in the wild of a SonicWall zero-day vulnerability. Security experts from the firm NCC Group have detected “indiscriminate” exploitation of a SonicWall zero-day in attacks in the wild, ZDNet reported. NCC Group first disclosed the attacks on SonicWall devices on Sunday but did not […]
Pierluigi Paganini
February 01, 2021
Google discovered a flaw in GNU Privacy Guard (GnuPG)’s Libgcrypt encryption library that could be exploited to get remote code execution. The popular white hat hacker Tavis Ormandy of Google Project Zero discovered a severe heap buffer overflow flaw in GNU Privacy Guard (GnuPG)’s Libgcrypt encryption software could have allowed a remote attacker to write […]
