Pierluigi Paganini
July 04, 2018
Huawei has rolled out security fixes for some enterprise and broadcast products to address a cryptography issue tracked as CVE-2017-17174. Huawei has released security updates for some enterprise and broadcast products to address a cryptography issue that was discovered in late 2017. The vulnerability, tracked as CVE-2017-17174, is related to the implementation of an insecure encryption […]
Pierluigi Paganini
July 04, 2018
Siemens disclosed several vulnerabilities in some of its SICLOCK central plant clocks, including ones that have been rated as “critical.” Siemens is warning of the presence of six vulnerabilities in some of its SICLOCK central plant clocks that used to synchronize time in industrial environments. “In the event of failure or loss of reception from the […]
Pierluigi Paganini
July 03, 2018
This week researchers demonstrated that most Android phones released since 2012 are still vulnerable to the RAMpage attack. In 2012, security researchers identified a bug in modern DRAM (dynamic random access memory) chips that could lead to memory corruption. In 2015, Google Project Zero researchers demonstrated “rowhammer“, a working exploit of this attack providing privilege […]
Pierluigi Paganini
July 03, 2018
Iranian APT groups continue to very active, recently Charming Kitten cyber spies attempted to pose as an Israeli cyber-security firm that uncovered previous hacking campaigns. The Iranian Charming Kitten ATP group, aka Newscaster or Newsbeef, launched spear phishing attacks against people interested in reading reports about it. The Newscaster group made the headlines in 2014 when experts at iSight issued a report describing the […]
Pierluigi Paganini
July 02, 2018
The maintainers of the Trezor multi-cryptocurrency wallet service reported a phishing attack against some of its users that occurred during the weekend. I had some issues yesterday, when accessing your site. It seems to be related with DNS. Is https://t.co/wGje8x5lRN legit? — Carsten 🇹🇭 ⚡ (@CarstenBKK) July 1, 2018 The attack appears more complex respect […]
Pierluigi Paganini
July 01, 2018
The sale of Zero-day exploits is a prolific business, zero-day broker Zerodium offers rewards of up to $500,000 FreeBSD, OpenBSD, NetBSD, Linux Zero-Days. The sale of Zero-day exploits is a prolific business that most people totally ignore, to better understand its evolution let’s analyze together the offer of the popular exploit broker Zerodium. To have […]
Pierluigi Paganini
July 01, 2018
Security expert Vinny Troia has found a huge trove of data belonging to millions of Americans that were left unsecured online. The security researcher Vinny Troia was analyzing the level of security for Elasticsearch installs exposed online when discovered millions of records belonging to Americans that were left unsecured online. The expert used Shodan to find U.S. […]
Pierluigi Paganini
July 01, 2018
Security issues in the LTE mobile device standard could be exploited by persistent attackers to spy on users’ cellular networks and hijack data traffic. A team of from Ruhr-Universität Bochum and New York University Abu Dhabi has discovered some security issues in the LTE mobile device standard that could be exploited by persistent attackers (i.e. intelligence […]
Pierluigi Paganini
June 30, 2018
Typeform, the popular online survey platform, has suffered a data breach that exposed partial data of some users, no payment card data was stolen. Typeform, the popular online survey platform, is the last victim of a data breach. Typeform software is widely adopted by businesses worldwide to easily arrange surveys, it allows easy creation of […]
Pierluigi Paganini
June 30, 2018
Experts discovered a third-party quiz app, called NameTests, that was found exposing data of up to 120 million Facebook users. A bug on the Nametests.com exposed data of over 120 million users who took personality quizzes on Facebook, the good news is that the flaw was addressed as part of the Facebook’s Data Abuse Bounty Program launched […]
