Pierluigi Paganini
April 24, 2020
Mozilla announced some changes to its Firefox bug bounty program, it promises bigger rewards for vulnerabilities and will accept duplicate reports if necessary. Mozilla announced some major changes to its bug bounty program that was first launched in 2004. The organization paid out $965,750 for roughly 350 vulnerabilities, the average payout for each issue was […]
Pierluigi Paganini
April 23, 2020
Microsoft released an out-of-band advisory to address security vulnerabilities affecting Autodesk FBX vulnerabilities in Office, Office 365, and Paint 3D. Researchers from Autodesk discovered multiple vulnerabilities that affect the Autodesk FBX software development kit (SDK), the issues could lead to code execution and trigger denial of service conditions. Microsoft confirmed that the issues in the Autodesk […]
Pierluigi Paganini
April 23, 2020
With smart-working many companies turn to tools like robotic process automation (RPA software) to help make adjustments on the business processes … is it secure? In response to the Coronavirus pandemic, many companies have adjusted how they do business. As they shift to remote work and establish new policies, some companies find these changes to […]
Pierluigi Paganini
April 22, 2020
China-linked Winnti cyberespionage group targets South Korean video gaming company Gravity, QuoIntelligence (QuoINT) firm reported. Security experts from QuoIntelligence (QuoINT) firm reported that China-linked Winnti cyberespionage group targets South Korean video gaming company Gravity. The Winnti group was first spotted by Kaspersky in 2013, but according to the researchers the gang has been active since 2007. […]
Pierluigi Paganini
April 21, 2020
The OpenSSL Project has released a security update for OpenSSL that addresses a DoS vulnerability tracked as CVE-2020-1967. The OpenSSL Project released a security update for OpenSSL that patches a high-severity vulnerability, tracked as CVE-2020-1967, that can be exploited by attackers to launch denial-of-service (DoS) attacks. This is the first issue addressed in OpenSSL in […]
Pierluigi Paganini
April 17, 2020
Security firm Guardicore released technical information on a critical VMware vCenter Server vulnerability recently disclosed by VMware. Earlier this month, VMware has addressed a critical information disclosure flaw, tracked as CVE-2020-3952, that could be exploited by attackers to compromise vCenter Server or other services that use the Directory Service (vmdir) for authentication. The CVE-2020-3952 vulnerability […]
Pierluigi Paganini
April 17, 2020
Cisco released security patches to address numerous flaws in its products, including critical severity issues that affect IP Phones and UCS Director. The critical vulnerability fixed by Cisco affects IP Phones and resides on the webserver, the flaw could be exploited by a remote, unauthenticated attacker to execute code with root privileges. The flaw, tracked as CVE-2020-3161, […]
Pierluigi Paganini
April 17, 2020
by Boris Giannetto and Pierluigi Paganini Communication is key in intelligence activities. On the one hand, it is essential to transfer to a number of recipients the knowledge coming from information acquisition and analysis (“intelligence communication”); on the other hand, it is crucial to understand and control the communication connected with the activities carried out (“communication […]
Pierluigi Paganini
April 14, 2020
Microsoft Patch Tuesday security updates for April 2020 address 113 flaws, including three Windows issues that have been exploited in attacks in the wild. Microsoft Patch Tuesday security updates for April 2020 address 113 flaws, including two remote code execution flaws in Windows that are actively exploited. 17 vulnerabilities are rated critical, the remaining ones are […]
Pierluigi Paganini
April 14, 2020
Adobe has addressed five minor vulnerabilities in its ColdFusion, After Effects and Digital Editions products. Adobe has addressed five vulnerabilities in its ColdFusion, After Effects and Digital Editions products. “Adobe has published security bulletins for Adobe ColdFusion (APSB20-18), Adobe After Effects (APSB20-21) and Digital Editions (APSB20-23). Adobe recommends users update their product installations to the latest versions […]
