Pierluigi Paganini
July 19, 2021
Cisco Talos experts disclose details of several critical flaws in a router monitoring application developed by industrial and IoT firm Advantech. Cisco Talos researchers discovered multiple critical vulnerabilities in the R-SeeNet application developed by industrial and IoT firm Advantech. The application allows network administrators to monitor Advantech routers in their infrastructure. The monitoring tool collects […]
Pierluigi Paganini
July 19, 2021
Pegasus Project investigation into the leak of 50,000 phone numbers of potential surveillance targets revealed the abuse of NSO Group’s spyware. Pegasus Project is the name of a large-scale investigation into the leak of 50,000 phone numbers of potential surveillance targets that revealed the abuse of NSO Group’s spyware. Pegasus is a surveillance malware developed by […]
Pierluigi Paganini
July 18, 2021
Cyberspace Administration of China (CAC) issued new vulnerability disclosure regulations that oblige experts to report zero-days to the government. The Cyberspace Administration of China (CAC) has issued a new exacerbated vulnerability disclosure regulation that requires white hat hackers uncovering critical zero-day flaws in computer systems to first report them to the government authorities within two […]
Pierluigi Paganini
July 18, 2021
Instagram introduced a new security feature dubbed “Security Checkup” to help users to recover their accounts that have been compromised. Good news for the owners of Instagram accounts that may have been compromised, the company launched a new feature named ‘Security Checkup‘ feature that aims to keep accounts safe and help users to recover them. […]
Pierluigi Paganini
July 18, 2021
BleepingComputer became aware that the recent wave of attacks targeting vulnerable SonicWall devices was carried out by HelloKitty ransomware operators. SonicWall this week has issued an urgent security alert to warn companies of “an imminent ransomware campaing” targeting some of its equipment that reached end-of-life (EoL). Threat actors could target unpatched devices belonging to Secure Mobile Access […]
Pierluigi Paganini
July 17, 2021
The US government is offering a $10 million reward to everyone that provides information on operations conducted by nation-state actors. The US government is offering a $10 million reward for information on campaigns conducted by state-sponsored hackers. The move was announced by the U.S. Department of State, the US agency states that its Rewards for […]
Pierluigi Paganini
July 17, 2021
Cisco addressed a high severity DoS vulnerability in the Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software. Cisco this week released security updates for a high severity vulnerability in the Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) products. The flaw resides in the software cryptography module of both ASA and FTD […]
Pierluigi Paganini
July 17, 2021
Network equipment vendor D-Link has released a firmware hotfix to fix multiple vulnerabilities in the DIR-3040 AC3000-based wireless internet router. Network equipment vendor D-Link has released a firmware hotfix to address multiple vulnerabilities affecting the DIR-3040 AC3000-based wireless internet router. An attacker could exploit the flaws to execute arbitrary code on unpatched routers, crash the devices, or gain access […]
Pierluigi Paganini
July 16, 2021
Microsoft published guidance to mitigate the impact of a new Windows Print Spooler vulnerability tracked as CVE-2021-34481 that was disclosed today. Microsoft published a security advisory for a new Windows Print Spooler vulnerability, tracked as CVE-2021-34481, that was disclosed on Thursday. The flaw is a privilege elevation vulnerability that resides in the Windows Print Spooler, it was […]
Pierluigi Paganini
July 16, 2021
Google Chrome 91.0.4472.164 addresses seven security vulnerabilities, including a high severity zero-day flaw exploited in the wild. Google has released Chrome 91.0.4472.164 for Windows, Mac, and Linux that addresses seven vulnerabilities, including a high severity zero-day vulnerability, tracked as CVE-2021-30563, that has been exploited in the wild. The CVE-2021-30563 is a “type confusion” issue that […]
