Pierluigi Paganini
May 21, 2018
On Friday, the Internet Systems Consortium (ISC) announced security updates for BIND DNS software that address two vulnerabilities rated with a “medium” severity rating. Both vulnerabilities could be exploited by attackers to cause a denial-of-service (DoS) condition, the first issue tracked as CVE-2018-5737 can also cause severe operational problems such as degradation of the service. “A problem […]
Pierluigi Paganini
May 20, 2018
Security researchers discovered that a misconfigured server operated by the CalAmp company could allow anyone to access account data and takeover the associated vehicle. CalAmp is a company that provides backend services for several well-known systems. Security researchers Vangelis Stykas and George Lavdanis discovered that a misconfigured server operated by the CalAmp company could allow anyone to access […]
Pierluigi Paganini
May 20, 2018
Researchers from Eclypsium proposed a new variation of the Spectre attack that can allow attackers to recover data stored inside CPU System Management Mode. Security experts from Eclypsium have devised a new variation of the Spectre attack that can allow attackers to recover data stored inside CPU System Management Mode (SMM) (aka called ring -2). The SMM is an operating […]
Pierluigi Paganini
May 19, 2018
DrayTek routers are affected by a zero-day vulnerability that could be exploited by attackers to change DNS settings on some models. Routers manufactured by the Taiwan-based vendor DrayTek are affected by a zero-day vulnerability that could be exploited by attackers to change DNS settings on some of its routers. DrayTek confirmed to be aware that hackers are attempting […]
Pierluigi Paganini
May 18, 2018
While a new variant of the dreaded Mirai botnet, so-called Wicked Mirai, emerged in the wild the operators of the Mirai Satori botnet appear very active. Experts observed hackers using the Satori botnet to mass-scan the Internet for exposed Ethereum mining pools, they are scanning for devices with port 3333 exposed online. The port 3333 is a port […]
Pierluigi Paganini
May 17, 2018
Nethammer attack technique is the first truly remote Rowhammer attack that doesn’t require a single attacker-controlled line of code on the targeted system. A few days ago security experts announced the first network-based remote Rowhammer attack, dubbed Throwhammer. The attack exploits a known vulnerability in DRAM through network cards using remote direct memory access (RDMA) channels. Rowhammer is classified as a […]
Pierluigi Paganini
May 17, 2018
The head of the Mexican central bank, Alejandro Diaz de Leon announced this week that hackers were involved in shadowy transfers of between $18 million and $20 million. Mexican central bank is the last victim of the SWIFT hackers, officials at the bank confirmed this week that hackers hit the payments system and stole millions […]
Pierluigi Paganini
May 16, 2018
According to The Guardian newspaper, Ecuador spent millions on spy operation for Julian Assange after he hacked the embassy network. According to a report published by the Guardian, Ecuador spied on WikiLeaks founder Julian Assange at its London embassy where he took in political asylum since 2012, In 2012 a British judge ruled he should be extradited to Sweden […]
Pierluigi Paganini
May 16, 2018
Mysterious hackers ingenuously reveal two zero-days to the security community, experts collaborated to promptly fix them. Anton Cherepanov, security expert form ESET researcher, discovered two zero-days while analyzing a malicious PDF, according to the researcher the mysterious hacker(s) were still working on the exploits. The malicious PDF was discovered late in March 2018 (Two suspicious PDF samples zero-day […]
Pierluigi Paganini
May 16, 2018
Red Hat has announced a critical vulnerability in its DHCP client tracked as CVE-2018-1111 that could be exploited by attackers to execute arbitrary commands with root privileges on targeted systems. Felix Wilhelm from the Google security team discovered a critical remote command injection vulnerability in the DHCP client implementation of Red Hat Linux, the issue also affects other distros […]
