Pierluigi Paganini
June 03, 2021
Researchers found multiple flaws in the Realtek RTL8170C Wi-Fi module that could be exploited to elevate privileges and hijack wireless communications. Researchers from Israeli IoT security firm Vdoo found multiple vulnerabilities in the Realtek RTL8170C Wi-Fi module that could allow to elevate privileges and hijack wireless communications. The Realtek RTL8710C module is based on a […]
Pierluigi Paganini
June 02, 2021
A critical zero-day vulnerability in the Fancy Product Designer WordPress plugin exposes more than 17,000 websites to attacks. Researchers from the Wordfence team at WordPress security company Defiant warn that a critical zero-day vulnerability, tracked as CVE-2021-24370, in the Fancy Product Designer WordPress plugin is actively exploited in the wild. Fancy Product Designer is a […]
Pierluigi Paganini
June 01, 2021
The American food processing company and meat producer JBS Foods was forced to shut down production at multiple sites worldwide following a cyberattack. The American food processing giant JBS Foods, the world’s largest processor of fresh beef, was forced to shut down production at multiple sites worldwide following a cyberattack. The cyberattack impacted multiple production plants […]
Pierluigi Paganini
May 31, 2021
A security researcher discovered a bug in PatchGuard Windows security feature that can allow loading unsigned malicious code into the Windows kernel. Japanese researcher Kento Oki has discovered a bug in PatchGuard that could be exploited by an attacker to load unsigned malicious code into the Windows operating system kernel. The PatchGuard, also known as […]
Pierluigi Paganini
May 30, 2021
Researchers disclosed two new attack techniques that allow modifying visible content on certified PDF documents without invalidating the digital signature. Researchers from Ruhr-University Bochum have disclosed two new attack techniques, dubbed Evil Annotation and Sneaky Signature attacks, on certified PDF documents that could potentially allow attackers to modify visible content without invalidating their digital signature. The […]
Pierluigi Paganini
May 29, 2021
The FBI is going to share compromised passwords discovered during investigations with Have I Been Pwned (HIBP)’s ‘Pwned Passwords’ service. The FBI will share compromised passwords that were discovered during investigations with the ‘Pwned Passwords‘ service implemented by the data breach notification site Have I Been Pwned (HIBP). The Pwned Passwords service allows users to search […]
Pierluigi Paganini
May 29, 2021
Secured Search is a browser hijacker that changes your browser’s settings to promote securedsearch.com, let’s remove it. Secured Search is the same piece of software as ByteFence Secure Browsing. It’s supposedly a tool that improves browsing security and privacy. In reality, it’s a browser hijacker. It alters your browser’s settings to promote securedsearch.com (which is […]
Pierluigi Paganini
May 29, 2021
SonicWall urges customers to address a post-authentication flaw that affects on-premises versions of the Network Security Manager (NSM). SonicWall urges customers to ‘immediately’ address a post-authentication vulnerability, tracked as CVE-2021-20026, impacting on-premises versions of the Network Security Manager (NSM). The vulnerability rated with an 8.8 severity score could be simply exploited without user interaction. The flaw could […]
Pierluigi Paganini
May 28, 2021
Industrial cybersecurity firm Claroty discovered a new flaw in Siemens PLCs that can be exploited by a remote and unauthenticated attacker to hack the devices. Researchers at industrial cybersecurity firm Claroty have discovered a high-severity vulnerability in Siemens PLCs, tracked as CVE-2020-15782, that could be exploited by remote and unauthenticated attackers to bypass memory protection. The […]
Pierluigi Paganini
May 27, 2021
The FBI revealed that foreign hackers compromised the network of a local US municipal government by exploiting flaws in an unpatched Fortinet VPN. The Federal Bureau of Investigation (FBI) reported that an APT group had breached the network of a local US municipal government by exploiting vulnerabilities in an unpatched Fortinet VPN. “The FBI is […]
