Pierluigi Paganini
July 11, 2017
Adobe released new versions of Flash Player and Connect web conferencing software to fix important and critical vulnerabilities. According to the security advisory published by Adobe for Flash Player, the new version 26.0.0.137 patches three critical vulnerabilities, including a remote code execution flaw tracked as CVE-2017-3099 that can be exploited by attackers to take full control of affected systems. […]
Pierluigi Paganini
July 11, 2017
Security experts at TrendMicro discovered that the notorious Adwind RAT has resurfaced targeting enterprises in the Aerospace industries worldwide. Crooks are even more opportunists, they continually innovate their TTPs to maximize their profits to target the largest number of victims. Security experts at TrendMicro have discovered that the notorious Adwind RAT has resurfaced and cyber criminals are using it […]
Pierluigi Paganini
July 11, 2017
The Open source devops platform Cloud Foundry fixed a bug that affects its User Account and Authentication server software. The Open source devops platform Cloud Foundry has disclosed a vulnerability, tracked as CVE-2017-8032, that affects its User Account and Authentication server software. The flaw, rated by the organization as high-severity, could be exploited by zone […]
Pierluigi Paganini
July 10, 2017
Since May, APT actors have been penetrating the networks of US companies that operate nuclear facilities and that works in the energy industry. According to a joint report issued by the Department of Homeland Security and the FBI published last week, since May, hackers have been penetrating the networks of businesses that operate nuclear power stations, manufacturing […]
Pierluigi Paganini
July 09, 2017
Experts found a flaw in Humax WiFi Router model HG-100R that could be triggered to fully compromise the devices. A zero-day vulnerability in Humax WiFi Router model HG-100R could be exploited by attackers to compromise the WiFi credentials and obtain the router console administrative password. Trustwave SpiderLabs researchers discovered. The issue was found by researchers […]
Pierluigi Paganini
July 08, 2017
Researchers have exploited vulnerabilities in the implementation of the GMR-2 cipher decrypt satellite phone communications in fractions of a second. Two Chinese security researchers have exploited vulnerabilities in the implementation of the GMR-2 standard that could be exploited to decrypt satellite phone communications in fractions of a second. The GMR-2 is a stream cipher with 64-bit key-length […]
Pierluigi Paganini
July 08, 2017
Cyber attacks could have a significant impact on businesses, Mondelez International and Reckitt warn of NotPetya effect on the sales. Cyber attacks could have a significant impact on businesses, and two of the world’s largest consumer goods companies confirmed it. On Thursday the companies Mondelez and Reckitt Benckiser warned of the impact of the NotPetya […]
Pierluigi Paganini
July 07, 2017
Google warned of a serious flaw dubbed BroadPwn in some Broadcom Wi-Fi chipsets that potentially impacts millions of Android devices. Google published the monthly security update for Android devices, it warned of a serious flaw, dubbed BroadPWN, in some Broadcom Wi-Fi chipsets that potentially impacts millions of Android devices, as well as some iPhone models. BroadPwn is […]
Pierluigi Paganini
July 06, 2017
WikiLeaks leaked documents detailing BothanSpy and Gyrfalcon CIA implants designed to steal SSH credentials from Windows and Linux OSs. WikiLeaks has published a new batch of documents from the Vault7 dump detailing two new CIA implants alleged used by the agency to intercept and exfiltrate SSH (Secure Shell) credentials from both Windows and Linux operating systems […]
Pierluigi Paganini
July 06, 2017
Perl development team solved a flaw in DBD—MySQL in some configurations that wasn’t enforcing encryption allowing an attacker to power MiTM attacks. The security researcher Pali Rohár reported an important flaw in DBD—MySQL, tracked as CVE-2017-10789, that affects only encryption between client and server. According to the expert, the issue in some configurations wasn’t enforcing encryption allowing an attacker to […]
