Pierluigi Paganini
September 27, 2018
A new integer overflow vulnerability found in Linux Kernel. Dubbed Mutagen Astronomy, it affects Red Hat, CentOS, and Debian Distributions. Security researchers have discovered a new integer overflow vulnerability in Linux Kernel, dubbed Mutagen Astronomy, that affects Red Hat, CentOS, and Debian Distributions. The vulnerability could be exploited by an unprivileged user to gain superuser access to the targeted system. The flaw was […]
Pierluigi Paganini
September 27, 2018
Uber agrees to $148 million settlement with US States and the District of Columbia over the massive 2016 data breach that exposed personal data of 57 million of its users. In November 2017, the Uber CEO Dara Khosrowshahi announced that hackers broke into the company database and accessed the personal data (names, email addresses and cellphone numbers) […]
Pierluigi Paganini
September 26, 2018
The latest samples of the HNS bot were designed to target Android devices having the wireless debugging feature ADB enabled. The Hide and Seek (HNS) IoT botnet was first spotted early this year, since its discovery the authors continuously evolved its code. The IoT botnet appeared in the threat landscape in January, when it was first discovered on January 10th […]
Pierluigi Paganini
September 26, 2018
Former NSA TAO hacker was sentenced to 66 months in prison because he leaked top-secret online documents related to the US government ban on Kaspersky. A former member of the NSA’s Tailored Access Operations hacking team was sentenced to 66 months in prison because he leaked top-secret online documents related to the US government ban on Kaspersky software. The former NSA hacker is Nghia […]
Pierluigi Paganini
September 26, 2018
0patch community released an unofficial patch for the Microsoft JET Database Engine zero-day vulnerability disclosed by Trend Micro’s Zero Day Initiative Experts from 0patch, a community of experts that aims at addressing software flaws, released an unofficial patch for the Microsoft JET Database Engine zero-day vulnerability that Trend Micro’s Zero Day Initiative (ZDI) disclosed last […]
Pierluigi Paganini
September 25, 2018
Bitcoin Core Software fixed a critical DDoS attack vulnerability in the Bitcoin Core wallet software tracked as CVE-2018-17144. The Bitcoin Core team urges miners to update client software with the latest Bitcoin Core 0.16.3 version as soon as possible. “A denial-of-service vulnerability (CVE-2018-17144) exploitable by miners has been discovered in Bitcoin Core versions 0.14.0 up […]
Pierluigi Paganini
September 25, 2018
Another fashion retailer suffered a data breach, the victim is SHEIN that announces the security breach affected 6.42 million customers. The retailer hired a forensic cybersecurity firm as well as an international law firm to investigate the security breach. SHEIN is now notifying affected users and it is urging them to change the password for […]
Pierluigi Paganini
September 25, 2018
The popular macOS expert and former NSA hacker has discovered a zero-day vulnerability in macOS on Mojave ‘s release day. It is always Patrick Wardle, this time the popular expert and former NSA hacker has found a zero-day flaw in macOS on Mojave ‘s release day. According to the expert, the implementation bug can be […]
Pierluigi Paganini
September 25, 2018
According to Akamai’s latest State of the Internet report on credential stuffing, credential stuffing continues to be growing threat. According to Akamai report titled “[state of the internet] / security CREDENTIAL STUFFING ATTACKS“ the credential stuffing attacks are a growing threat and often underestimated. Credential stuffing attacks involve botnets to try stolen login credentials usually obtained through phishing […]
Pierluigi Paganini
September 24, 2018
Cisco has patched a critical vulnerability in the Cisco Video Surveillance Manager (VSM) could be exploited by an unauthenticated remote attacker to gain root access. Cisco has fixed a critical vulnerability in the Cisco Video Surveillance Manager software running on some Connected Safety and Security Unified Computing System (UCS) platforms. The flaw could give an unauthenticated, […]
