Pierluigi Paganini
August 23, 2020
A bug in Google Drive could be exploited by threat actors to distribute malicious files disguised as legitimate documents or images. An unpatched weakness in Google Drive could be exploited by threat actors to distribute weaponized files disguised as legitimate documents or images. enabling bad actors to perform spear-phishing attacks comparatively with a high success […]
Pierluigi Paganini
August 22, 2020
The ATM manufacturer giants, Diebold Nixdorf and NCR, have released software updates to fix a flaw that could have been exploited for ‘deposit forgery’ attacks The ATM manufacturers Diebold Nixdorf and NCR have addressed a bug that could have been exploited for ‘deposit forgery’ attacks The flaws that could have allowed crooks to modify the […]
Pierluigi Paganini
August 22, 2020
Hackers are attempting to exploit multiple vulnerabilities in the Discount Rules for WooCommerce WordPress plugin, which has 30,000+ installations. Researchers from security firm WebArx reported that Hackers are actively attempting to exploit numerous flaws in the Discount Rules for WooCommerce WordPress plugin. The list of vulnerabilities includes SQL injection, authorization flaws, and unauthenticated stored cross-site scripting (XSS) security vulnerabilities. Discount […]
Pierluigi Paganini
August 22, 2020
The FBI and CISA issued a joint alert to warn teleworkers of an ongoing vishing campaign targeting entities from multiple US sectors. The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint security advisory to warn teleworkers of an ongoing vishing campaign targeting organizations from multiple US industry industries. […]
Pierluigi Paganini
August 20, 2020
Google addressed an email spoofing vulnerability affecting Gmail and G Suite a few hours after it was publicly disclosed. Google addressed an email spoofing vulnerability affecting its Gmail and G Suite products a few hours after it was publicly disclosed, but the IT giant was ware of the flaw since April. On Wednesday, the researcher […]
Pierluigi Paganini
August 20, 2020
IBM addressed a shared memory vulnerability in its Db2 data management solutions that could lead to information disclosure. IBM fixed a shared memory vulnerability in its Db2 data management products that can be exploited by malicious local users to access sensitive data. The vulnerability, which is tracked as CVE-2020-4414, was discovered by researchers from Trustwave, it […]
Pierluigi Paganini
August 19, 2020
Researchers spotted a new sophisticated peer-to-peer (P2P) botnet, dubbed FritzFrog, that has been actively targeting SSH servers since January 2020. FritzFrog is a new sophisticated botnet that has been actively targeting SSH servers worldwide since January 2020. The bot is written in Golang and implements wormable capabilities, experts reported attacks against entities in government, education, and finance […]
Pierluigi Paganini
August 19, 2020
The actively exploited Windows spoofing vulnerability (CVE-2020-1464) recently patched by Microsoft has been known for more than two years. The actively exploited Windows spoofing flaw, tracked as CVE-2020-1464 and patched last week by Microsoft, has been known for more than two years, researchers revealed. Microsoft’s August 2020 Patch Tuesday security updates addressed 120 vulnerabilities, including two zero-days […]
Pierluigi Paganini
August 19, 2020
A remote code execution (RCE) vulnerability affecting the Concrete5 CMS exposed numerous servers to full takeover, experts warn. A recently addressed remote code execution (RCE) flaw in the Concrete5 CMS exposed numerous websites to attacks. Concrete5 is an open-source content management system (CMS) designed for ease of use, for users with a minimum of technical […]
Pierluigi Paganini
August 18, 2020
A critical vulnerability in Jenkins server software could result in memory corruption and cause confidential information disclosure. A critical vulnerability in Jenkins server software, tracked as CVE-2019-17638, could result in memory corruption and cause confidential information disclosure. Jenkins is the most popular open source automation server, it is maintained by CloudBees and the Jenkins community. The […]
Cyber Crime / November 04, 2025
Security / November 03, 2025
