Pierluigi Paganini
December 02, 2020
Cybersecurity and Infrastructure Security Agency (CISA) and FBI are warning of attacks carried out by threat actors against United States think tanks. APT groups continue to target United States think tanks, the Cyber Security and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warn. The work of US think tanks has a […]
Pierluigi Paganini
December 02, 2020
Google Project Zero expert Ian Beer on Tuesday disclosed a critical “wormable” iOS flaw that could have allowed to hack iPhone devices. Google Project Zero white-hat hacker Ian Beer has disclosed technical details of a critical “wormable” iOS bug that could have allowed a remote attacker to take over any device in the vicinity over […]
Pierluigi Paganini
December 01, 2020
npm security staff removed two packages that contained malicious code to install the njRAT remote access trojan (RAT) on developers’ computers. Security staff behind the npm repository removed two packages that were found containing the malicious code to install the njRAT remote access trojan (RAT) on computers of JavaScript and Node.js developers who imported and […]
Pierluigi Paganini
December 01, 2020
The critical remote code execution (RCE) vulnerability CVE-2020-14882 in Oracle WebLogic is actively exploited by operators behind the DarkIRC botnet. Experts reported that the DarkIRC botnet is actively targeting thousands of exposed Oracle WebLogic servers in the attempt of exploiting the CVE-2020-14882. The CVE-2020-14882 can be exploited by unauthenticated attackers to take over the system […]
Pierluigi Paganini
December 01, 2020
Microsoft warns of Vietnam-linked Bismuth group that is deploying cryptocurrency miner while continues its cyberespionage campaigns Researchers from Microsoft reported that the Vietnam-linked Bismuth group, aka OceanLotus, Cobalt Kitty, or APT32, is deploying cryptocurrency miners while continues its cyberespionage campaigns. Cryptocurrency miners are typically associated with financially motivated attacks, but BISMUTH is attempting to take […]
Pierluigi Paganini
December 01, 2020
Talos experts found flaws in the WebKit browser engine that can be also exploited for remote code execution via specially crafted websites. Cisco’s Talos team discovered security flaws in the WebKit browser engine, including flaws that can be exploited by a remote attacker to gain code execution by tricking the user into visiting a malicious […]
Pierluigi Paganini
November 30, 2020
TIM’s Red Team Research led by Massimiliano Brolli discovered 6 new zero-day vulnerabilities in Schneider Electric StruxureWare. Today, TIM’s Red Team Research led by Massimiliano Brolli, discovered 6 new vulnerabilities in the StruxureWare product. The flaws have been addressed by the manufacturer Schneider Electric, between April and November 2020. Schneider Electric is a vendor specialized […]
Pierluigi Paganini
November 30, 2020
Boffins from the Ben-Gurion University of the Negev described a new cyberattack on DNA scientists that could open to biological warfare. A team of researchers from the Ben-Gurion University of the Negev described a new cyberattack on DNA scientists that could open to biological warfare. Scientists play a crucial role in modern society, especially during […]
Pierluigi Paganini
November 29, 2020
A cyber criminal organization has stolen money from at least 35 Italian ATMs with a black box attack technique. A criminal organization has stolen money from at least 35 ATMs and Post Office cash dispensers operated by Italian banks with a new black box attack technique. The Carabinieri of Monza dismantled by the gang, the […]
Pierluigi Paganini
November 29, 2020
Experts found a critical flaw in Real-Time Automation’s (RTA) 499ES EtherNet/IP stack that could allow hacking industrial control systems. Tracked as CVE-2020-25159, the flaw is rated 9.8 out of 10 in severity by the industry-standard Common Vulnerability Scoring System (CVSS) and impacts all versions of EtherNet/IP Adapter Source Code Stack prior to 2.28, which was released on November […]
Hacking / November 06, 2025
