Pierluigi Paganini
February 02, 2018
Chinese Iron Tiger APT is back, the new campaign, dubbed by Operation PZChao is targeting government, technology, education, and telecommunications organizations in Asia and the US. Malware researchers from Bitdefender have discovered and monitored for several months the activity of a custom-built backdoor capable of password-stealing, bitcoin-mining, and of course to gain full control of the […]
Pierluigi Paganini
February 02, 2018
Researcher discovered a critical vulnerability in the web server component of 3S-Smart Software Solutions’ CODESYS WebVisu product currently used in 116 PLCs and HMIs from many vendors, Security researcher Zhu WenZhe from Istury IOT discovered a critical stack-based buffer overflow vulnerability in the web server component of 3S-Smart Software Solutions’ CODESYS WebVisu product that allows users to view […]
Pierluigi Paganini
February 02, 2018
Researchers at Qihoo 360’s Netlab analyzed a new campaign powered by the DDG botnet, the second largest mining botnet of ever, that targets Redis and OrientDB servers. A new Monero-mining botnet dubbed DDG was spotted in the wild, the malware targets Redis and OrientDB servers. According to the researchers at Qihoo 360’s Netlab, the DDG botnet […]
Pierluigi Paganini
February 02, 2018
Security experts at Digital Defense have discovered several vulnerabilities in the products of the Zoho-owned ManageEngine. The list of vulnerabilities discovered includes a flaw that could be exploited by an attacker to take complete control over the vulnerable application. The flaws affect ServiceDesk Plus, Service Plus MSP, OpManager, Firewall Analyzer, Network Configuration Manager, OpUtils and NetFlow […]
Pierluigi Paganini
February 02, 2018
The FBI Internet Crime Complaint Center (IC3) is warning of a new malware campaign aimed at infecting victims with weaponized attachments. The Feds’ Internet Crime Complaint Center (IC3) is warning of a new spam campaign aimed at infecting victims with a ransomware. According to an alert issued on Wednesday by the IC3, numerous citizens filled complaints after received […]
Pierluigi Paganini
February 01, 2018
South Korea’s Internet & Security Agency (KISA) is warning of a Flash zero-day vulnerability that has reportedly been exploited in attacks by North Korea’s hackers. According to the alert published by the KISA, the vulnerability affects the latest Flash Player version 28.0.0.137 and earlier. The zero-day vulnerability could be exploited by an attack by tricking […]
Pierluigi Paganini
February 01, 2018
Siemens has patched three security vulnerabilities in its Plant Management Product, the Siemens TeleControl Basic system. The system is used in water treatment facilities, traffic monitoring systems, and energy distribution plants. The TeleControl Basic control center runs the TeleControl Server Basic software. The Siemens TeleControl Basic system allows organizations to monitor and control processes in […]
Pierluigi Paganini
February 01, 2018
Researchers from Proofpoint discovered a huge botnet dubbed ‘Smominru’ that is using the EternalBlue exploit to infect Windows computers and recruit them in Monero cryptocurrency mining activities. The number of cyber attacks against the cryptocurrency sector continues, vxers are focusing their efforts on the development of cryptocurrency/miner malware. Recently security experts observed cryptocurrency miners leveraging the NSA EternalBlue SMB exploit […]
Pierluigi Paganini
February 01, 2018
Malware Exploiting Spectre, Meltdown Flaws Emerges Researchers at the antivirus testing firm AV-TEST have discovered more than 130 samples of malware that were specifically developed to exploit the Spectre and Meltdown CPU vulnerabilities. The good news is that these samples appear to be the result of testing activities, but experts fear that we could soon […]
Pierluigi Paganini
January 31, 2018
Mozilla has released security updates for Firefox 58 that addresses a critical remote code vulnerability that allows a remote attacker to run arbitrary code on vulnerable systems. Mozilla has released an update for the Firefox 58 browser (aka Firefox Quantum) that addresses a critical flaw that could be exploited by a remote attacker to execute […]
Hacking / December 06, 2025
