Pierluigi Paganini
May 01, 2018
Social networks could be a privileged attack vector to rapidly spread a malware to a huge audience, FacexWorm targets cryptocurrency users by spreading through Facebook Messenger. Social networks could be a privileged attack vector to rapidly spread a malware to a huge audience. In the last hours, a new threat is spreading through leveraging an apparently […]
Pierluigi Paganini
May 01, 2018
The NATO team is the winner of the Cyber Defence Exercise Locked Shields 2018 that took place on April 23-26 in Tallinn, Estonia. The international live-fire cyber defence exercise Locked Shields 2018 took place on April 23-26 in Tallinn, Estonia, and the figures behind this important competition are impressive. A total of 22 Blue Teams participated […]
Pierluigi Paganini
April 30, 2018
According to a security expert, Oracle appears to have botched the CVE-2018-2628 fix, this means that attackers could bypass it to take over WebLogic servers. Earlier April, Oracle patched the critical CVE-2018-2628 vulnerability in Oracle WebLogic server, but an Alibaba security researcher @pyn3rd discovered that the proposed fix could be bypassed. https://twitter.com/pyn3rd/status/990114565219344384 The CVE-2018-2628 flaw was […]
Pierluigi Paganini
April 30, 2018
The Thai authorities with the support of the ThaiCERT and security first McAfee have seized a server used by North Korean Hidden Cobra APT as part of the Op GhostSecret campaign. The Thai authorities with the support of the ThaiCERT have seized a server used by North Korean hackers in the attack against Sony Picture. […]
Pierluigi Paganini
April 29, 2018
Many companies using SAP systems ignore to be impacted by a 13-year-old security configuration that could expose their architecture to cyber attacks. According to the security firm Onapsis, 90 percent SAP systems were impacted by the vulnerability that affects SAP Netweaver and that can be exploited by a remote unauthenticated attacker who has network access […]
Pierluigi Paganini
April 29, 2018
Two security experts discovered that the control panel of a Ski lift in Austria was exposed online without any protection. The control panel of a Ski lift in Austria was exposed online, the disconcerting discovery was made on March 16 by the security experts Tim Philipp Schäfers and Sebastian Neef with security organization InternetWache.org. The ski lift is Patscherkofelbahn, a […]
Pierluigi Paganini
April 28, 2018
Bitdefender researcher Marius Tivadar has developed a dodgy NTFS file system image that could trigger a blue-screen-of-death when a mount is attempted on Windows 7 and 10 systems. The Bitdefender expert Marius Tivadar has discovered a vulnerability tied the way Microsoft handles of NTFS filesystem images, he also published a proof-of-concept code on GitHub that could be used to […]
Pierluigi Paganini
April 28, 2018
Weaponized documents are the main ingredient for almost any spam and spear-phishing campaign, let’s see how to steal windows credentials with specially crafted PDF files. Weaponized documents are the main ingredient for almost any spam and spear-phishing campaign. Weaponized PDF files can be used by threat actors to steal Windows credentials, precisely the associated NTLM […]
Pierluigi Paganini
April 27, 2018
Microsoft has released a new batch of software and microcode updates to address the Spectre flaw (Variant 2). The IT giant has rolled out a new batch of software and microcode security updates to address the Spectre flaw (Variant 2). The Spectre Variant 2, aka CVE-2017-5715, is a branch target injection vulnerability, while the Meltdown and Variant 1 […]
Pierluigi Paganini
April 26, 2018
Checkmarx experts created a proof-of-concept Amazon Echo Skill for Alexa that instructs the device to eavesdrop on users’ conversations and then sends the transcripts to a website controlled by the attackers. The Alexa virtual assistant could be abused by attackers to spy on consumers with smart devices. Researchers at security firm Checkmarx created a proof-of-concept Amazon Echo Skill […]
Hacking / December 06, 2025
