Pierluigi Paganini
March 19, 2021
Experts found vulnerabilities in two WordPress plugins that could be exploited to run arbitrary code and potentially take over a website. Security researchers disclosed vulnerabilities in Elementor and WP Super Cache WordPress plugins that could be exploited to run arbitrary code and take over a website under certain circumstances. The flaws were uncovered in the Elementor […]
Pierluigi Paganini
March 18, 2021
Wintriage is a live response tool that extracts Windows artifacts, it allows to extract the most artifacts as possible, but in a selective way Throughout my life, my daily job has been purely related to cybersecurity. But the branch I like the most is Incident Response and Forensics. So, I work as DFIRer. For many […]
Pierluigi Paganini
March 17, 2021
Cybersecurity research at WizCase, an online security and privacy portal, built a tool to track accessible ElasticSearch servers on the internet. Cybersecurity research at WizCase, an online security and privacy portal, developed a tool that allows track accessible ElasticSearch servers on the Internet. The tool scans the web for accessible ElasticSearch servers and displays different variables […]
Pierluigi Paganini
March 16, 2021
Microsoft released an Exchange On-premises Mitigation Tool (EOMT) tool to small businesses for the fix of ProxyLogon vulnerabilities. On March 2nd, Microsoft released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported MS Exchange versions that are actively exploited in the wild. The IT giant reported that at least one […]
Pierluigi Paganini
March 16, 2021
Microsoft is reportedly investigating whether the recent attacks against Microsoft Exchange servers could be linked to information leaked by a partner security firm. According to a report published by The Wall Street Journal, Microsoft is investigating whether the threat actors behind the recent wave of attacks on Microsoft Exchange servers worldwide may have obtained sensitive […]
Pierluigi Paganini
March 15, 2021
Google has addressed a new zero-day flaw in its Chrome browser that has been actively exploited in the wild, the second one within a month Google has fixed a new actively exploited zero-day in its Chrome browser, this is the second zero-day issue addressed by the IT giant within a month. The flaw, tracked as […]
Pierluigi Paganini
March 13, 2021
Three 15-year-old flaws in Linux kernel could be exploited by local attackers with basic user privileges to gain root privileges on vulnerable Linux systems. GRIMM researchers found three vulnerabilities in the SCSI (Small Computer System Interface) component of the Linux kernel, the issues could be exploited by local attackers with basic user privileges to gain root privileges […]
Pierluigi Paganini
March 12, 2021
Experts at the NetBlocks Internet Observatory observed this week a temporary disruption of internet service in Russia due to new restrictions. On Wednesday 10 March 2021, researchers from Network data from the NetBlocks Internet Observatory observed the disruption of internet service provided by the Russian operator Rostelecom. The partial disruption of the service coincided with […]
Pierluigi Paganini
March 11, 2021
Security firm F5 announced the availability of patches for seven vulnerabilities in BIG-IP, four of which have been rated as “critical” severity. BIG-IP product family includes hardware, modularized software, and virtual appliances that run the F5 TMOS operating system and provides load balancing, firewall, access control, threat protection capabilities. The vendor has released security updates for seven […]
Pierluigi Paganini
March 10, 2021
Researchers from the Wordfence team found a critical vulnerability in The Plus Addons for Elementor WordPress plugin that could be exploited to take over a website. Researchers at the Wordfence team of the security firm Defiant have spotted a critical flaw in The Plus Addons for Elementor WordPress plugin that could be exploited by attackers […]
