Pierluigi Paganini
September 07, 2019
Maintainers of the open-source Metasploit penetration testing framework have added a public exploit module for the BlueKeep Windows flaw. There is a surprise for Metasploit users, maintainers of the open-source penetration testing framework have added a public exploit module for the BlueKeep Windows flaw. The BlueKeep vulnerability, tracked as CVE-2019-0708, impacts the Windows Remote Desktop Services (RDS) and was addressed by Microsoft […]
Pierluigi Paganini
September 06, 2019
A security flaw in Exim mail servers could be exploited by local or remote attackers to execute arbitrary code with root privileges. The Exim development team has addressed a vulnerability in Exim mail server, tracked as CVE-2019-15846, that could be exploited by local and remote attackers to execute arbitrary code with root privileges. The vulnerability […]
Pierluigi Paganini
September 06, 2019
Maintainers at the PHP programming language have released new versions that address multiple flaws, including some code execution issues. The development team behind the PHP programming language recently released new versions of PHP to address multiple high-severity vulnerabilities in its core and bundled libraries. The most severe flaw could be exploited by a remote attacker […]
Pierluigi Paganini
September 06, 2019
600,000 GPS trackers left exposed online with a default password of ‘123456’ Avast researchers found at least 600,000 GPS trackers manufactured by a Chinese vendor that were exposed online with a default password of “123456.” Researchers from Avast discovered at least 600,000 GPS trackers that were exposed online with a default password of “123456.” The […]
Pierluigi Paganini
September 05, 2019
Maintainers of the Android Open Source Project (AOSP) failed to address a privilege escalation bug in the Android mobile OS that was reported six months ago. Experts disclosed details of a zero-day vulnerability that affects the Android mobile operating system. The high-severity zero-day issue resides in the driver for the Video For Linux 2 (V4L2) […]
Pierluigi Paganini
September 05, 2019
Experts discovered a year-old flaw in Samba software that could be exploited to bypass file-sharing permissions and access forbidden root shares paths. Security researchers discovered a year-old vulnerability in Samba software that could be exploited, under certain conditions, to bypass file-sharing permissions and access forbidden root shares paths. “On a Samba SMB server for all […]
Pierluigi Paganini
September 05, 2019
Twitter opted to temporarily disable the feature that allows users to post tweets via SMS, in response to the hack of the CEO’s account. Twitter announced to temporarily disable the feature that allows users to post tweets via SMS, in response to the hack of the CEO’s account. “We’re taking this step because of vulnerabilities […]
Pierluigi Paganini
September 05, 2019
Kenneth Currin Schuchman (21) from Vancouver, Washington pleaded guilty to creating and operating multiple DDoS IoT botnet, including Satori. Kenneth Currin Schuchman (21) from Vancouver, Washington, aka Nexus Zeta, pleaded guilty to creating and operating multiple DDoS IoT botnets. Court documents revealed that the man suffers from Asperger Syndrome and autism disorder. Schuchman compromised hundreds […]
Pierluigi Paganini
September 04, 2019
Experts warn of advanced phishing attacks in certain modern Android-based phones that can trick users into accepting new malicious phone settings. When users insert a new SIM in their mobile phone and access to the cellular network for the first time, the carrier service automatically configures or sends you a message containing settings for the […]
Pierluigi Paganini
September 04, 2019
Experts at SEC Consult discovered several security issues in various Zyxel devices that allow to hack them via unauthenticated DNS requests. Security researchers at SEC Consult discovered multiple vulnerabilities in various Zyxel devices, including hardcoded credentials and issues that could allow to hack them via unauthenticated DNS requests. The first issue is an information disclosure […]
