Pierluigi Paganini
April 16, 2017
Facebook disrupted an international spam campaign leveraging on bogus accounts used to create “likes” and bogus comments. The security team at Facebook has disrupted an international spam operation after a six months investigation. The company has neutralized a coordinated campaign that was leveraging on bogus accounts used to create inauthentic likes and comments. “Today we are taking another […]
Pierluigi Paganini
April 15, 2017
Microsoft determined that most of the flaws exploited by the tools in the dump released by Shadow Brokers yesterday were patched in March. Yesterday the Shadow Brokers hacker group has released a new portion of the alleged archive of the NSA containing hacking tools and exploits. The group released a 117.9 MB encrypted dump containing […]
Pierluigi Paganini
April 15, 2017
A bug dubbed Riddle vulnerability affecting MySQL 5.5 and 5.6 clients exposed user credentials to MiTM attacks. Update to version 5.7. A coding error dubbed The Riddle has been uncovered in the popular DBMS Oracle MySQL, the issue can be potentially exploited by attacker powering a man-in-the-middle attack to steal usernames and passwords. “The Riddle is a […]
Pierluigi Paganini
April 14, 2017
The Shadow Brokers group released a 117.9 MB encrypted dump containing documents that suggest NSA hacker SWIFT system in the Middle East. Last week, the notorious Shadow Brokers hackers group that claimed to have stolen the hacking tools and exploits from the NSA has leaked the password for an encrypted cache of Unix hacking tools […]
Pierluigi Paganini
April 14, 2017
Cisco issued two “critical” security advisories, one for Cisco IOS and Cisco IOS XE Software, another for a flaw affecting Apache Struts 2. Today Cisco issued two “critical” security advisories, the first one for Cisco IOS and Cisco IOS XE Software, the second one for the recently discovered flaw affecting Apache Struts 2. The vulnerability […]
Pierluigi Paganini
April 14, 2017
The Linux remote vulnerability tracked as CVE-2016-10229 poses Linux systems at rick of hack if not patched. A Linux kernel vulnerability, trackers as CVE-2016-10229, potentially allows attackers to remotely take over a vulnerable system (i.e. Servers, desktops, IoT devices and mobile devices). “udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP […]
Pierluigi Paganini
April 14, 2017
An unpatched vulnerability in Magento platform could be exploited by hackers to compromise fully web servers that host the e-commerce sites. An unpatched vulnerability in the Magento e-commerce platform could be exploited by attackers to upload and execute malicious PHP scripts on web servers that host online shops. The vulnerability was reported by experts at […]
Pierluigi Paganini
April 13, 2017
Security researchers at FireEye discovered that the Microsoft Word CVE-2017-0199 exploit was linked to cyberspying in Ukraine conflict. The zero-day vulnerability in Microsoft Office that was recently fixed by Microsoft was used to deliver a surveillance malware to Russian-speaking targets. Security experts from firm FireEye spotted the targeted attacks leveraging specifically crafted Microsoft Word documents that […]
Pierluigi Paganini
April 13, 2017
SAP has issued a security patch for the SAP TREX search engine that addresses also a two-years old critical vulnerability. SAP has issued a security patch for the SAP TREX search engine that addresses multiple vulnerabilities discovered by the experts in a 2015 patch released in December 2015. The SAP TREX search engine is used […]
Pierluigi Paganini
April 13, 2017
Hackers exploited the CVE-2014-9222 flaw, also known as ‘Misfortune Cookie’, to hack thousands of home routers and abuse them for WordPress attacks. According to the experts at the security firm Wordfence tens of thousands, of home routers have been hacked and used to power cyber attacks on WordPress websites. The security firm observed a spike in […]
