Pierluigi Paganini
March 13, 2018
Security experts at firm Preempt Security discovered a critical vulnerability in Credential Security Support Provider protocol (CredSSP) that affects all versions of Windows to date. The flaw, tracked as CVE-2018-0886, could be used by a remote attacker to exploit RDP (Remote Desktop Protocol) and Windows Remote Management (WinRM) to steal data and run malicious code. The vulnerability is […]
Pierluigi Paganini
March 13, 2018
Maintainers at the Samba project have released new versions of the popular networking software to fix two critical vulnerabilities. Maintainers at the Samba project have released new versions of the popular open-source networking software to address two critical vulnerabilities that could be exploited by unprivileged remote attackers to launch DoS attacks against servers and […]
Pierluigi Paganini
March 13, 2018
MOSQUITO is new technique devised by a team of researchers at Israel’s Ben Gurion University, led by the expert Mordechai Guri, to exfiltrate data from an air-gapped network. The technique leverage connected speakers (passive speakers, headphones, or earphones) to acquire the sound from surrounding environment by exploiting a specific audio chip feature. Once again the team demonstrated […]
Pierluigi Paganini
March 13, 2018
According to a new study conducted by American and Czech researchers, the trade of code-signing certificates is a flourishing business. Code-signing certificates are precious commodities in the dark web, according to a new study conducted by American and Czech researchers and Symantec Labs technical director Christopher Gates their trade is a flourishing business. The experts pointed out […]
Pierluigi Paganini
March 13, 2018
The researchers at Kaspersky Lab ICS CERT decided to check the popular Hanwha SmartCams and discovered 13 vulnerabilities. Wikipedia describes Attack Surface, as “[the] sum of the different points (the “attack vectors”) where an unauthorized user (the “attacker”) can try to enter data to or extract data from an environment.” Basically, the more points there are to compromise […]
Pierluigi Paganini
March 12, 2018
China-Linked APT15 used new backdoors is an attack that is likely part of a wider operation aimed at contractors at various UK government departments and military organizations. Last week Ahmed Zaki, a senior malware researcher at NCC Group, presented at the Kaspersky’s Security Analyst Summit (SAS), details of a malware-based attack against the service provider for the […]
Pierluigi Paganini
March 12, 2018
Besides being known about corruption scandals, South America is a reference to the development of ATM malware spreading globally with Brazil, Colombia, and Mexico leading the way. A research conducted by KASPERSKY has revealed a convergence on attacks against financial institutions, where traditional crimes and cybercrime join forces together to target and attack ATM (Automated […]
Pierluigi Paganini
March 12, 2018
Researchers from the ISC SANS group and the Anti-DDoS company Imperva discovered two distinct campaigns targeting Windows Server, Redis and Apache Solr servers online. Last week new mining campaigns targeted unpatched Windows Server, Apache Solr, and Redis servers, attackers attempted to install the cryptocurrency miner Coinminer. Two campaigns were spotted by researchers from the ISC SANS group and the […]
Pierluigi Paganini
March 11, 2018
ESET collected evidence of Hacking Team ‘activity post-hack, the company published an interesting analysis based on post hack samples found in the wild. Security researchers at ESET have spotted in fourteen countries previously unreported samples of the Remote Control System (RCS), the surveillance software developed by the Italian Hacking Team, in fourteen countries. Malware researchers […]
Pierluigi Paganini
March 11, 2018
According to Citizen Lab, some governments are using Sandvine network gear installed at internet service providers to deliver spyware and cryptocurrency miners. Researchers at human rights research group Citizen Lab have discovered that netizens in Turkey, Egypt and Syria who attempted to download legitimate Windows applications from official vendor websites (i.e. Avast Antivirus, CCleaner, Opera, and 7-Zip) […]
Hacking / December 06, 2025
