MUST READ

Microsoft uncovers new variant of XCSSET macOS malware in targeted attacks

 | 

Hackers exploit Fortra GoAnywhere flaw before public alert

 | 

UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware

 | 

Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors

 | 

U.S. CISA adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog

 | 

Operation HAECHI VI seized $439M from global cybercrime rings

 | 

Volvo North America disclosed a data breach following a ransomware attack on IT provider Miljödata

 | 

Cisco fixed actively exploited zero-day in Cisco IOS and IOS XE software

 | 

Nation-State hackers exploit Libraesva Email Gateway flaw

 | 

SolarWinds fixed a critical RCE flaw in its Web Help Desk software

 | 

How threat actors breached a U.S. federal civilian agency by exploiting a GeoServer flaw

 | 

Cloudflare mitigates largest-ever DDoS attack at 22.2 Tbps

 | 

U.S. CISA adds Google Chromium flaw to its Known Exploited Vulnerabilities catalog

 | 

US Secret Service dismantled covert communications network near the U.N. in New York

 | 

A suspected Scattered Spider member suspect detained for casino network attacks

 | 

$150K awarded for L1TF Reloaded exploit that bypasses cloud mitigations

 | 

Canada's RCMP closes TradeOgre, seizes $40M in country’s largest crypto bust

 | 

Stellantis probes data breach linked to third-party provider

 | 

FBI alerts public to spoofed IC3 site used in fraud schemes

 | 

EU agency ENISA says ransomware attack behind airport disruptions

 | 

search

Date range
Filters

17526 results

Pierluigi Paganini November 06, 2018
Flaws in several self-encrypting SSDs allows attackers to decrypt data they contain

The encryption system implemented by popular solid-state drives (SSDs) is affected by critical vulnerabilities that could be exploited by a local attacker to decrypt data. The flaws were discovered by researchers Carlo Meijer and Bernard van Gastel at Radboud University in the Netherlands, the duo discovered that it is possible to bypass password-based authentication to access to […]

Pierluigi Paganini November 06, 2018
IBM Watson will be used by NIST to assign CVSS scores to vulnerabilities

The National Institute of Standards and Technology (NIST) is planning to use Artificial Intelligence to assign the CVSS scores to reported vulnerabilities. The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information-security vulnerabilities and exposures. A Common Vulnerability Scoring System (CVSS) score between 0.0 and 10.0 that is assigned to each flaw according to its severity. […]

Pierluigi Paganini November 06, 2018
Shellbot Botnet Targets IoT devices and Linux servers

Security experts at Trend Micro have spotted an IRC bot dubbed Shellbot that was built using Perl Shellbot. The malware was distributed by a threat group called Outlaw, it was able to target Linux and Android devices, and also Windows systems. “We uncovered an operation of a hacking group, which we’re naming “Outlaw” (translation derived from the Romanian word haiduc, […]

Pierluigi Paganini November 06, 2018
New attack by Anonymous Italy: personal data from ministries and police have been released online

New attack by Anonymous Italy: personal data from ministries and police have been released online. The site of Fratelli d’Italia, a post-fascist party, has been defaced The iconoclastic fury of Italian Anonymous does not stop. As announced, the three groups that coordinate the operation “Black Week” have released also today new data from their raids on […]

Pierluigi Paganini November 05, 2018
Google dorks were the root cause of a catastrophic compromise of CIA’s communications

Google queries allowed Iran Government to dismantle the CIA communication network used by its agents and kill dozens of tens of spies The alleged hack of the communications network used by CIA agents allowed Iranian intelligence to identify and kill at least 30 spies. According to Yahoo! News the security breach has happened in 2009, the Iranian […]

Pierluigi Paganini November 05, 2018
Flaw in Icecast streaming media server allows to take off online Radio Stations

Icecast streaming media server is affected by a flaw that could be exploited by an attacker to take off the broadcast of online radio stations. Icecast streaming media server is affected by a vulnerability, tracked as CVE-2018-18820, that could be exploited by an attacker to take off the broadcast of online radio stations.  Icecast supports both audio and video data […]

Pierluigi Paganini November 05, 2018
High severity XML external entity flaw affects Sauter building automation product

A security researcher has found a serious vulnerability in a building automation product from Sauter AG that could be exploited to steal files from an affected system. Sauter AG CASE Suit is a building automation product used worldwide that is affected by a high severity XML external entity (XXE) vulnerability that could be exploited to steal files from an affected […]

Pierluigi Paganini November 05, 2018
USB drives are primary vector for destructive threats to industrial facilities

USB removable storage devices are the main vector for malware attacks against industrial facilities, states Honeywell report. According to a report published on by Honeywell, malware-based attacks against industrial facilities mostly leverage USB removable storage devices Experts from Honeywell analyzed data collected with the Secure Media Exchange (SMX), a product it has launched in 2017 and that was designed […]

Pierluigi Paganini November 04, 2018
PortSmash flaw in Hyper-Threading CPU could allow sensitive data theft

PortSmash side-channel flaw that could be exploited with a timing attack to steal information from other processes running in the same CPU core. PortSmash is a new side-channel vulnerability that could be exploited with a timing attack to steal information from other processes running in the same CPU core with SMT/hyper-threading enabled. A group of […]

Pierluigi Paganini November 04, 2018
Apple T2 security chip in new MacBooks disconnects Microphone when lid is closed

Apple has implemented a new feature to protect the privacy of its MacBooks users aimed at preventing malicious software from spying on them. The Apple T2 security chip installed in the new series of MacBooks includes a new hardware feature that physically disconnects the built-in microphone when the lid is closed. The new T2 chip is installed in […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Microsoft uncovers new variant of XCSSET macOS malware in targeted attacks

Malware / September 26, 2025

Hackers exploit Fortra GoAnywhere flaw before public alert

Hacking / September 26, 2025

UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware

Hacking / September 26, 2025

Google warns of Brickstorm backdoor targeting U.S. legal and tech sectors

Malware / September 26, 2025

U.S. CISA adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog

Hacking / September 25, 2025