Pierluigi Paganini
March 02, 2017
A flaw in Cisco NetFlow Generation Appliance tracked as CVE-2017-3826, could be exploited by an unauthenticated, remote attacker to cause a DoS condition. “A vulnerability in the Stream Control Transmission Protocol (SCTP) decoder of the Cisco NetFlow Generation Appliance (NGA) could allow an unauthenticated, remote attacker to cause the device to hang or unexpectedly reload, causing a denial […]
Pierluigi Paganini
February 12, 2017
A new serious denial-of-service (DoS) vulnerability was patched this week by the Internet Systems Consortium (ISC) in the BIND DNS software. A security serious denial-of-service (DoS) vulnerability, tracked as CVE-2017-3135, was patched this week by the Internet Systems Consortium (ISC) in the BIND DNS software. The vulnerability in the BIND DNS software was reported by Ramesh Damodaran and Aliaksandr Shubnik of […]
Pierluigi Paganini
November 24, 2016
A researcher released a PoC exploit for the cve-2016-9311 flaw that can cause the crash of the NTP daemon and triggers a DoS condition on Windows systems. The NTP protocol could be exploited by hackers as an attack vector. The NTP is a networking protocol widely used for the clock synchronization purpose between systems over packet-switched, […]
Pierluigi Paganini
November 11, 2016
The OpenSSL Project has released the OpenSSL 1.1.0c update that addresses several vulnerabilities, including a high-severity DoS flaw (CVE-2016-7054). The OpenSSL Project has released an update for the 1.1.0 branch (OpenSSL 1.1.0c) to fix a number of vulnerabilities. One of the issues solved with the update is the high severity denial-of-service (DoS) flaw CVE-2016-7054 that […]
Pierluigi Paganini
November 08, 2016
A group of researchers from Nokia Bell Labs and Aalto University in Finland demonstrated how to hack protocols used in the LTE networks. We discussed several times the rule of the SS7 signaling protocol in mobile communications and how to exploit its flaws to track users. When mobile users travel between countries, their mobile devices connect to the infrastructure of a […]
Pierluigi Paganini
October 13, 2016
Dell issued the SonicWALL Email Security OS 8.3.2 release to address high severity issues that can be exploited to take control of the appliance. Security researchers at Digital Defense discovered multiple vulnerabilities while assessed the SonicWALL Email Security virtual appliance (Version 8.3.0.6149). According to the experts. The flaws could be exploited by attackers to conduct a wide […]
Pierluigi Paganini
October 13, 2016
Attackers are exploiting a recently patched high-severity DoS flaw, tracked as CVE-2016-2776, in the in the popular DNS software in BIND. Last month a vulnerability in the popular DNS software BIND, tracked as CVE-2016-2776, has been patched. The flaw could be exploited by a remote attacker to trigger a DoS condition using specially crafted DNS packets. The […]
Pierluigi Paganini
October 09, 2016
Cisco has rolled out several critical software patches for the CISCO Nexus 7000-series switches and the related NX-OS software. According to the Cisco Security Advisory, an attacker could exploit the vulnerabilities to gain remote access to vulnerable systems and execute code or commands. According to Wednesday’s Cisco Security Advisory, both the Nexus 7000 and 7700 […]
Pierluigi Paganini
August 17, 2016
Experts from Lookout revealed that all Android versions running the Linux Kernel 3.6 to the latest are affected by the CVE-2016-569 Linux flaw. Recently I wrote about a severe vulnerability (CVE-2016-5696) affecting the Linux version 3.6, deployed in 2012. The flaw was discovered by researchers from the University of California, Riverside, and the U.S. Army […]
Pierluigi Paganini
August 11, 2016
A severe design flaw in the Linux kernel could be exploited by attackers to hijack traffic, inject malware into connections, and run a wide range of attacks. A severe flaw in the Linux kernel could be exploited by attackers to hijack traffic, inject malware into downloads and web pages, and run a wide range of […]
