Pierluigi Paganini
June 18, 2017
A bug in the software used by Facebook moderators to review inappropriate content resulted in the disclosure of identities of moderators to suspected terrorists. According to the Guardian, the social network giant Facebook put the safety of its content moderators at risk after inadvertently exposing their personal details to suspected terrorist users on the social network. A […]
Pierluigi Paganini
June 18, 2017
Researchers uncovered a new cyber espionage campaign involving the Kasperagent spyware delivered with Palestine-Themed decoy files. In March, experts at security firm Qihoo 360 have spotted a cyber espionage campaign conducted by a threat actor tracked as APT-C-23 and Two-Tailed Scorpion. A few weeks later, in April, researchers at Palo Alto Networks and ClearSky also shared the […]
Pierluigi Paganini
June 17, 2017
The Dutch developer Luke Paris has created a PHP rootkit that hides in PHP server modules, he also explained why it is more dangerous of classic rootkits. The Dutch developer Luke Paris has created a rootkit that hides in PHP server modules that could be used by attackers to take over web servers. While classic […]
Pierluigi Paganini
June 17, 2017
The British hacker Sean Caffrey, 25, from Sutton Coldfield pleaded guilty to stealing satellite data from US Department of Defense (DoD). The British hacker Sean Caffrey, 25, from Sutton Coldfield pleaded guilty to stealing user accounts from a U.S. military communications system. According to the NCA, the man admitted in the Birmingham Crown Court to stealing […]
Pierluigi Paganini
June 16, 2017
The Nmap project announced the release of Nmap 7.50, the first big release since last December that has hundreds of improvements. Nmap 7.50 is the new release of the popular the Network Mapper, the previous release dates back December 2016 and the new one brings hundreds of improvements. Nmap 7.50 includes the Npcap packet capturing driver […]
Pierluigi Paganini
June 16, 2017
The number of fileless malware continues to increase, recently security researchers spotted a new Fileless Ransomware dubbed Sorebrect. Sorebrect is able to inject malicious code into a legitimate system process (svchost.exe) on a targeted system and it terminates its binary to evade detection. It also make hard forensics analysis by deleting the affected system’s event logs using […]
Pierluigi Paganini
June 16, 2017
A study conducted by the security firm Rapid7 revealed that millions of devices remain exposed to cyber attacks via SMB, Telnet, RDP, and other types of improper configurations. Rapid7 published the second report National Exposure Index that provides Internet service providers (ISPs) worldwide information about the global exposure of devices. The researchers scanned the Internet for improperly configured services, […]
Pierluigi Paganini
June 16, 2017
Researchers at the security firm Yoroi have discovered a False Flag Attack on Multi-Stage Delivery of Malware to Italian Organisations. Everything started from a well edited Italian language email (given to me from a colleague of mine, thank you Luca!) reaching out many Italian companies. The Italian language email had a weird attachment: ordine_065.js (it […]
Pierluigi Paganini
June 14, 2017
Microsoft released the June 2017 Patch Tuesday to address more than 90 security flaws, including two critical RCE that have been exploited in attacks. Microsoft released June Patch Tuesday updates that address more than 90 vulnerabilities, including two critical remote code execution (RCE) vulnerabilities that have been exploited in attacks. The first vulnerability, tracked as CVE-2017-8464, […]
Pierluigi Paganini
June 14, 2017
On Tuesday, Adobe released updates for Flash Player, Shockwave Player, Captivate and Digital Editions addressing a total of 20 vulnerabilities. Some vulnerabilities fixed by Adobe are critical remote code execution issue, the last release, version 26.0.0.126, addressed nine flaws in Flash Player. The vulnerabilities were tracked as CVE-2017-3075, CVE-2017-3081, CVE-2017-3083, CVE-2017-3084, CVE-2017-3076, CVE-2017-3077, CVE-2017-3078, CVE-2017-3079, and CVE-2017-3082. […]
Security / September 09, 2025
Malware / September 09, 2025
