Hacking

Pierluigi Paganini May 11, 2017
Patch your Asus RT wireless routers now to avoid ugly surprises

Security experts at Nightwatch Cybersecurity have found serious flaws in the Asus RT wireless routers that could allow hackers to take over them. Security experts at Nightwatch Cybersecurity serious flaws in the Asus RT wireless routers. Dozens of models don’t implement an adequate protection against cross-site request forgery attacks. The vulnerability, tracked as CVE-2017-5891, affects the Asus RT […]

Pierluigi Paganini May 11, 2017
Cisco patched CVE-2017-3881 IOS XE Vulnerability leaked in CIA Vault 7 Dump

Cisco patched the critical CVE-2017-3881 flaw that affects CISCO Catalyst switches and that can be potentially exploited by attackers to hijack networks. Cisco patched a critical security flaw, tracked as CVE-2017-3881, affecting its CISCO Catalyst switches that can be potentially exploited by attackers to hijack networks. The vulnerability was disclosed in the CIA Vault 7 data leak, according to Switchzilla […]

Pierluigi Paganini May 11, 2017
SAP Patches 17 security flaws, the lowest number of monthly update over the past 6 months

SAP issued the May 2017 Security Update that addresses 17 security Vulnerabilities. On Tuesday SAP released the May 2017 security update that addresses 17 vulnerabilities in its products, 9 of them were released on this Security Patch Day. “On 9th of May 2017, SAP Security Patch Day saw the release of 9 security notes. Additionally, there were […]

Pierluigi Paganini May 10, 2017
iCloud Keychain vulnerability allowed hackers to Steal sensitive data

Apple has recently fixed an iCloud Keychain vulnerability that could have been exploited by hackers to steal sensitive data from iCloud users. The flaw allowed hackers to run man-in-the-middle (MitM) attacks to obtain sensitive user information (i.e. names, passwords, credit card data, and Wi-Fi network information). The researcher Alex Radocea of Longterm Security discovered in […]

Pierluigi Paganini May 10, 2017
Microsoft Patch Tuesday updates for May 2017 fix Zero Days exploited by Russian APT groups

Microsoft Patch Tuesday for May 2017 address tens security vulnerabilities, including a number of zero-day flaws exploited by Russian APT groups. Microsoft Patch Tuesday updates for May 2017 fix more than 50 security flaws, including a number of zero-day vulnerabilities exploited by Russian APT groups. Microsoft released security updates for Windows, Internet Explorer, Edge, Office, […]

Pierluigi Paganini May 09, 2017
Jenkins patched a critical RCE flaw in its open source automation server

Jenkins developers fixed a critical RCE vulnerability in the popular open source automation server along with many other issues. Jenkins is the most popular open source automation server, it is maintained by CloudBees and the Jenkins community. The automation server supports developers build, test and deploy their applications, it has more than 133,000 active installations […]

Pierluigi Paganini May 09, 2017
Microsoft fixes Microsoft Malware Protection Engine RCE vulnerability CVE-2017-0290 found by Google

Microsoft fixes the vulnerability in the Microsoft Malware Protection Engine (CVE-2017-0290) discovered just three days by Google experts. Last week the researchers at the Google Project Zero team have discovered a new critical Windows RCE vulnerability, tracked as CVE-2017-0290, they defined the bug as the worst Windows RCE in recent memory. I think @natashenka and […]

Pierluigi Paganini May 09, 2017
#MacronLeaks metadata suggests Russian threat actors behind Macron’s hack

#MacronLeaks – Experts discovered evidence suggesting Russian threat actors behind the hack of French presidential candidate Macron. Who are the hackers that attempted to subvert the final vote of French Presidential Election by targeting the Macron’s campaign? Hackers leaked a 9GB batch of internal documents through the Magnet file-sharing service. The Macron data leakage has happened while […]

Pierluigi Paganini May 08, 2017
Google Project Zero team the worst Windows RCE vulnerability in recent memory

Hackers at the Google Project Zero team have discovered another critical Windows RCE vulnerability, the worst Windows RCE in recent memory. Security experts at Google Project Zero team have discovered another critical remote code execution (RCE) vulnerability in Microsoft Windows OS, but this time the hackers defined it as the worst Windows RCE in recent memory. […]

Pierluigi Paganini May 08, 2017
Android’s Vampire Bat Apps are listening to your life through ultrasonic beacons

Researchers at Technische Universitat Braunschweig published a study on 200+ Android mobile apps that are listening to your life through ultrasonic beacons. Researchers at Technische Universitat Braunschweig in Germany recently published a finding that over 200 Android mobile applications are listening to your life through ultrasonic beacons. Like digital electronic vampire bats, these apps are checking […]