Pierluigi Paganini
July 16, 2017
The experts from Netskope Threat Research Labs discovered the Hackshit PhaaS platform, another interesting case of crimeware-as-a-service. A few days ago, we discussed the Katyusha scanner,a powerful and fully automated SQLi vulnerability scanner discovered by researchers at security firm Recorded Future that was available for $500 in the cyber crime underground. The Katyusha scanner is just one […]
Pierluigi Paganini
July 15, 2017
Cisco has fixed nine serious remote code execution flaws in the SNMP subsystem running in all the releases of IOS and IOS XE software. The tech giant publicly disclosed the vulnerability on June 29 and provided workarounds, not it is notifying customers about the availability of security patches. The nine issues, that have been tracked with […]
Pierluigi Paganini
July 14, 2017
A 20 years-old vulnerability in Kerberos, dubbed Orpheus’ Lyre, was parched this week for both Microsoft and Linux distros. A 20 years-old vulnerability in Kerberos was parched this week for both Microsoft and Linux distros. The vulnerability dubbed Orpheus’ Lyre has been found three months ago by Jeffrey Altman, founder of AuriStor, and Viktor Dukhovni and Nicolas Williams from […]
Pierluigi Paganini
July 14, 2017
Attackers are using automated scans to target freshly installed WordPress websites, WordFence experts dubbed the technique WPSetup attack. According to experts at the WordPress security plugin WordFence, attackers are using automated scans to target freshly installed WordPress websites, taking advantage of administrators who fail to properly configure their server’s settings. The experts dubbed the attack WPSetup […]
Pierluigi Paganini
July 13, 2017
The Eternal Blues scanner allowed administrators worldwide to discover more than 50,000 computers vulnerable to the NSA-linked EternalBlue exploit. Recently the security researcher Elad Erez developed Eternal Blues, a free EternalBlue vulnerability scanner that could be used by administrators to assess networks. Now Elad Erez published data collected by the Eternal Blues over the two weeks, the […]
Pierluigi Paganini
July 13, 2017
Wikileaks released the documentation for HighRise, an Android app used by the CIA to intercept and redirecting SMS messages to a CIA-controlled server. WikiLeaks just published a new batch of documents related to another CIA hacking tool dubbed HighRise included in the Vault 7 released in partnership with media partners. The tool is an Android application […]
Pierluigi Paganini
July 12, 2017
As part of the Microsoft Patch Tuesday, the tech giant fixed two critical flaws in Windows NTLM Security Protocol. Users must apply the patch asap. As part of the July Patch Tuesday, Microsoft has released security patches for a serious privilege escalation flaw affecting all Windows operating system versions for enterprises released since 2007. Experts at […]
Pierluigi Paganini
July 12, 2017
Katyusha Scanner is a new fully automated SQLi vulnerability scanner discovered by researchers at security firm Recorded Future. Recorded Future security researchers have discovered a fully automated SQLi vulnerability scanner, dubbed Katyusha Scanner, on a hacking forum. The tool is offered for sale for just $500, it allows mass scans, simply managed from a smartphone […]
Pierluigi Paganini
July 12, 2017
SAP has released its SAP Security Notes for July 2017 that includes 23 patches, the most severe is a SAP POS flaw that affects about 500 billion installs SAP has released its Security Notes for July that includes 23 patches with the majority of them rated medium. The most severe issue is a high-risk DoS vulnerability […]
Pierluigi Paganini
July 11, 2017
Adobe released new versions of Flash Player and Connect web conferencing software to fix important and critical vulnerabilities. According to the security advisory published by Adobe for Flash Player, the new version 26.0.0.137 patches three critical vulnerabilities, including a remote code execution flaw tracked as CVE-2017-3099 that can be exploited by attackers to take full control of affected systems. […]
Security / November 12, 2025
Cyber Crime / November 12, 2025
