Pierluigi Paganini
November 01, 2017
Oracle fixed a flaw in Oracle Identity Manager that was rated with a CVSS v3 score of 10.0 and can result in complete compromise of the software via an unauthenticated network attack. Oracle issued an emergency patch for a vulnerability in Oracle Identity Manager, the flaw tracked as CVE-2017-10151 was rated 10 in severity on the CVSS scale. […]
Pierluigi Paganini
October 30, 2017
Security personnel at Heathrow Airport have an exciting investigation underway after confidential security documentation was found on a sidewalk in West London. An unnamed man, on his way to the library, spotted a thumb drive on the sidewalk in Queen’s Park, West London. He pocketed the USB drive and continued on his way. He remembered the USB […]
Pierluigi Paganini
October 19, 2017
Oracle released the October 2017 Critical Patch Update (CPU) that addresses a total of 252 security vulnerabilities that affect multiple products. Most of the vulnerabilities fixed by Oracle could be remotely exploitable without authentication. This is the last Oracle Critical Patch Update of 2017, this year the tech giant already resolved 1119 vulnerabilities, or 22% […]
Pierluigi Paganini
October 18, 2017
Google continues working to improve the security of its users, the last measure introduced by the company it the ‘Advanced Protection’ feature. The Advanced Protection feature was designed to improve the security of users, who are at high risk of targeted attacks. “We took this unusual step because there is an overlooked minority of our users that […]
Pierluigi Paganini
October 10, 2017
Researchers from security firm Positive Technologies warns of 4G/5G Wireless Networks as vulnerable as WiFi and putting smart-cities at risk The Internet of Things (IoT) presents many new opportunities and some different challenges. The vast number of devices makes it very expensive to connect everything with traditional network cabling and in many cases the equipment […]
Pierluigi Paganini
October 07, 2017
Security experts from Skyhigh Networks discovered a wide-scale attack with a new stealthy technique, dubbed KnockKnock, that targets Office 365 accounts. The cloud access security broker Skyhigh Networks discovered a wide-scale attack with a new stealthy technique, dubbed KnockKnock, that targets Office 365 (O365) accounts. The massive campaign leverages a low-key attack, started in May and is […]
Pierluigi Paganini
October 06, 2017
The year is 2020, high economic, military and cultural tension between Russia & the US. You are at the London office, entering a video meeting with the sales team in America, the American team presents with enthusiasm the sales achievement of the recent quarter, then, suddenly the call is disconnected. You are trying to re-establish […]
Pierluigi Paganini
October 05, 2017
Dyn Research discovered traffic coming from North Korea running over the Russian TransTeleCom network, this is the second internet route of the regime. North Korea gets a second Internet connection thanks to the support of a state-owned Russian firm. From the perspective of security analysts, this second connection will improve in a significant way the cyber […]
Pierluigi Paganini
October 04, 2017
Mobile security firm Appthority published an interesting report that revealed which Android and iOS applications are most frequently blacklisted by enterprises. The company Appthority has published an interesting report that reveals which mobile apps, both Android and iOS, are most frequently blacklisted by enterprises. “The mobile ecosystem in an enterprise comprises apps from managed devices, BYOD and COPE. Appthority compiled […]
Pierluigi Paganini
September 30, 2017
Siemens has started releasing security patches to fix a high severity access control vulnerability in its industrial switches tracked as CVE-2017-12736. The flaw was discovered by experts at Siemens and could be exploited by remote attackers to hack some of Siemens industrial communications devices. The vulnerability affects SCALANCE X industrial Ethernet switches, and Ruggedcom switches and serial-to-ethernet […]
