Pierluigi Paganini
April 29, 2019
Microsoft presented a series of security enhancements for its Windows 10, including the removal of the password-expiration policy. Microsoft announced the removal of the password-expiration policy from its operating system starting with the next Windows 10 feature update (Windows 10 version 1903, a.k.a., “19H1” ) and Windows Server version 1903. The idea behind this change […]
Pierluigi Paganini
April 28, 2019
Researchers devised a new side-channel attack in Qualcomm technology, widely used by most Android smartphones, that could expose private keys. Researchers have uncovered a new side-channel attack that could be exploited by attackers to extract sensitive data from Qualcomm secure keystore, including private keys, and passwords. The attack potentially impacts most of the modern Android […]
Pierluigi Paganini
April 27, 2019
US NIST updates its Automated Combinatorial Testing for Software (ACTS) research toolkit that should help experts in finding bugs in complex safety-critical applications. US NIST announced updated for its Automated Combinatorial Testing for Software (ACTS) research toolkit that should allow developers easily spot software errors in complex safety-critical applications. The ACTS toolkit allows development teams […]
Pierluigi Paganini
April 27, 2019
WordPress-based eCommerce websites using the WooCommerce plugin are at risk of full compromise due to an unpatched vulnerability. A WordPress security firm called ‘Plugin Vulnerabilities’ has discovered a critical vulnerability in the WooCommerce plugin that exposes WordPress-based eCommerce websites to hack. The vulnerability affects the WooCommerce Checkout Manager plugin that allows owners of e-commerce websites […]
Pierluigi Paganini
April 27, 2019
Experts at Cisco Talos group disclosed a dozen vulnerabilities in Sierra Wireless AirLink gateways and routers, including several serious flaws. Researchers at Cisco Talos group disclosed a dozen vulnerabilities affecting Sierra Wireless AirLink gateways and routers, including several serious flaws. Some of the flaws could be exploited to execute arbitrary code, modify passwords, and change […]
Pierluigi Paganini
April 25, 2019
British Government has approved a limited role for Huawei in the building of a national 5G network in the country, ignoring security concerns from senior ministers According to The Daily Telegraph newspaper, British Prime Minister Theresa May decided to assign a limited role to Chinese telco giant Huawei in the building of a 5G network […]
Pierluigi Paganini
April 25, 2019
A serious flaw in some of Rockwell Automation’s MicroLogix and CompactLogix PLCs can be exploited by a remote attacker to redirect users to malicious websites. Some of Rockwell Automation’s MicroLogix and CompactLogix PLCs are affected by a serious vulnerability can be exploited by a remote attacker to redirect users to malicious websites. The vulnerabilyt was […]
Pierluigi Paganini
April 22, 2019
Experts at security firm SafeGuard reported that Russian Twitter bot activity raised up by 286 percent in the wake of the release of the Mueller Report. Experts at security firm SafeGuard reported that Russian Twitter bot activity raised up by 286 percent in the wake of the release of the Mueller Report. Social media platforms […]
Pierluigi Paganini
April 20, 2019
Antivirus solutions from different vendors are having malfunctions after the installation of Windows security patches released on April 9, including McAfee, Avast and Sophos. Antivirus solutions from different vendors are showing malfunctions after the installation of Windows security patches released on April 9. Antivirus solutions from Sophos, Avira, ArcaBit, Avast, and recently McAfee reported security […]
Pierluigi Paganini
April 20, 2019
Google this week announced that it is going to block login attempts from embedded browser frameworks to prevent man-in-the-middle (MiTM) phishing attacks. Phishing attacks carried out by injecting malicious content in legitimate traffic are difficult to detect when attackers use an embedded browser framework or any other automated tool for authentication. For example, the embedded […]
APT / February 05, 2026
