Pierluigi Paganini
February 12, 2019
The 0patch experts released a micropatch to address a flaw in Adobe Reader zero-day that allows maliciously PDFs to call home and send over the victim’s NTLM hash.The 0patch experts released a micropatch to address an in Adobe Reader zero-day that allows maliciously PDF documents to call home and send over the victim’s NTLM hash. The 0patch experts […]
Pierluigi Paganini
February 12, 2019
620 million accounts stolen from 16 hacked websites (Dubsmash, Armor Games, 500px, Whitepages, ShareThis) available for sale on the dark web The Register revealed in exclusive that some 617 million online account details stolen from 16 hacked websites are available for sale on the dark web. The advertising for the sale of the huge trove […]
Pierluigi Paganini
February 12, 2019
Security experts found a serious flaw tracked CVE-2019-5736 affecting runc, the default container runtime for Docker, containerd, Podman, and CRI-O. Aleksa Sarai, a senior software engineer at SUSE Linux GmbH, has disclosed a serious vulnerability tracked CVE-2019-5736 affecting runc, the default container runtime for Docker, containerd, Podman, and CRI-O. The vulnerability was discovered by the security researchers […]
Pierluigi Paganini
February 11, 2019
Users of QNAP NAS devices are reporting through QNAP forum discussions of mysterious code that adds some entries that prevent software update. Users of the Network attached storage devices manufactured by QNAP have reported a mystery string of malware attacks that disabled software updates by hijacking entries in host machines’ hosts file. According to the […]
Pierluigi Paganini
February 11, 2019
Google has released a new extension for Chrome dubbed Password Checkup that will alert users if their username/password combinations were leaked online as part of a dump after a data breach. Last week Google released Password Checkup a Chrome extension that warns users about compromised logins every time they will enter login credentials on a […]
Pierluigi Paganini
February 11, 2019
Experts from Safety Detective discovered thousands of refrigeration systems made by Resource Data Management (RDM) exposed to remote attacks. Thousands of instances of a temperature control system made by Resource Data Management (RDM) are exposed to remote attacks because they were using default passwords and failed in implementing other security measures. The vulnerable instances are used […]
Pierluigi Paganini
February 10, 2019
Google has open sourced ClusterFuzz, its fuzzing infrastructure it has developed to find memory corruption vulnerabilities in Chrome. Google has open sourced its fuzzing infrastructure ClusterFuzz that the tech giant developed to find memory corruption bugs in the Chrome browser. ClusterFuzz is a scalable fuzzing tool that can run on clusters with more than 25,000 cores. […]
Pierluigi Paganini
February 10, 2019
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! Can Enterprises execute a GRC Movement? Experts observed […]
Pierluigi Paganini
February 08, 2019
Crooks leverage Google Translate service as camouflage on mobile browsers in a phishing campaign aimed at stealing Google account and Facebook credentials. The security expert Larry Cashdollar, a member of Akamai’s Security Intelligence Response Team (SIRT), discovered that cybercriminals are carrying out a new Phishing attack that leverages Google Translate as camouflage. The phishing campaign […]
Pierluigi Paganini
February 08, 2019
Security experts at Google discovered that two of the zero-day vulnerabilities patched by Apple with the release of iOS 12.1.4 were exploited in the wild. Security researchers at Google revealed that two of the zero-day flaws addressed by Apple with the release of iOS 12.1.4 were exploited in the wild. Apple iOS 12.1.4 version addresses […]
