exploit Archives - Security Affairs

Pierluigi Paganini May 04, 2023

Experts devised a new exploit for the PaperCut flaw that can bypass all current detection

VulnCheck researchers devised a new exploit for a recently disclosed critical flaw in PaperCut servers that bypasses all current detections. Cybersecurity researchers from VulnCheck have developed a new exploit for the recently disclosed critical flaw in PaperCut servers, tracked as CVE-2023-27350 (CVSS score: 9.8), that bypasses all current detections. The CVE-2023-27350 flaw is a PaperCut MF/NG Improper Access […]

Pierluigi Paganini April 19, 2023

PWNYOURHOME, FINDMYPWN, LATENTIMAGE: 3 iOS Zero-Click exploits used by NSO Group in 2022

Citizen Lab reported that Israeli surveillance firm NSO Group used at least three iOS zero-click exploits in 2022. A new report from Citizen Lab states that the Israeli surveillance firm NSO Group used at least three zero-click zero-day exploits to deliver its Pegasus spyware. In 2022, the Citizen Lab analyzed the NSO Group activity after finding […]

Pierluigi Paganini July 09, 2022

Apple Lockdown Mode will protect users against highly targeted cyberattacks

Apple plans to introduce a security feature, called Lockdown Mode, to protect its users against “highly targeted cyberattacks.” The recent wave of sophisticated attacks against Apple users (i.e. Pegasus, DevilsTongue, and Hermit) urged the tech giant to develop a new security feature, called Lockdown Mode, to protect its users against highly targeted cyberattacks. The new feature will be implemented in iOS 16, iPadOS […]

Pierluigi Paganini April 19, 2022

NSO Group Pegasus spyware leverages new zero-click iPhone exploit in recent attacks

Researchers reported that threat actors leveraged a new zero-click iMessage exploit to install NSO Group Pegasus on iPhones belonging to Catalans. Researchers from Citizen Lab have published a report detailing the use of a new zero-click iMessage exploit, dubbed HOMAGE, to install the NSO Group Pegasus spyware on iPhones belonging to Catalan politicians, journalists, academics, and activists. […]

Pierluigi Paganini September 04, 2019

Android Zero-Day exploits are the most expensive in the new Zerodium price list

Zero-day broker Zerodium has updated the price list for both Android and iOS exploits, with Android ones having surpassed the iOS ones for the first time. For the first time, the price for Android exploits is higher than the iOS ones, this is what has emerged from the updated price list published by the zero-day […]

Pierluigi Paganini February 13, 2019

Malicious PDF Analysis

In the last few days I have done some analysis on malicious documents, especially PDF. Then I thought, “Why not turn a PDF analysis into an article?” Let’s go to our case study: I received a scan request for a PDF file that was reported to support an antivirus vendor, and it replied that the […]

Pierluigi Paganini January 27, 2019

Using steganography to obfuscate PDF exploits

Experts discovered PDF exploit that was using steganography to hide malicious JavaScript code in images embedded in PDF files. The exploit analysis firm EdgeSpot recently discovered PDF exploit that was using steganography to hide malicious JavaScript code in images embedded in PDF files. “Shortly after last week’s discovery of a PDF exploit which used the […]

Pierluigi Paganini December 18, 2016

Security expert disclosed a full zero-day drive-by exploit for Linux leveraging SNES

The security expert Chris Evans has disclosed a zero-day exploit successfully tested on Ubuntu and Fedora distributions that may affect other distros. The security expert Chris Evans has disclosed a zero-day exploit for Ubuntu and Fedora distributions. The flaw is a full drive-by download exploit that may impact also other Linux distributions. The researcher successfully the full […]

Pierluigi Paganini October 26, 2016

Pwn2Own 2016 – Keen Team won $215k by hacking Nexus 6p and iPhone 6S

Tencent Team Keen won $215k at PWN2OWN Mobile by hacking Nexus 6p and using two exploits for the iPhone iOS 10.1 … all in just 5 minutes each round. Yesterday I was writing about the possibility to hack an Apple device just by opening an image or a PDF, today I desire to inform you […]

Pierluigi Paganini September 23, 2016

The leak of NSA hacking tools was caused by a staffer mistake

A US investigation into the leak of the NSA hacking tools used by the Agency is focusing on a theory that it was caused by a staffer mistake. The hack of the NSA-linked group Equation Group and the leakage of the NSA hacking tools in its arsenal it probably one the most disconcerting events of the […]

exploit

Experts devised a new exploit for the PaperCut flaw that can bypass all current detection

PWNYOURHOME, FINDMYPWN, LATENTIMAGE: 3 iOS Zero-Click exploits used by NSO Group in 2022

Apple Lockdown Mode will protect users against highly targeted cyberattacks

NSO Group Pegasus spyware leverages new zero-click iPhone exploit in recent attacks

Android Zero-Day exploits are the most expensive in the new Zerodium price list

Malicious PDF Analysis

Using steganography to obfuscate PDF exploits

Security expert disclosed a full zero-day drive-by exploit for Linux leveraging SNES

Pwn2Own 2016 – Keen Team won $215k by hacking Nexus 6p and iPhone 6S

The leak of NSA hacking tools was caused by a staffer mistake

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

U.S. CISA adds Trend Micro Apex One flaw to its Known Exploited Vulnerabilities catalog

AI for Cybersecurity: Building Trust in Your Workflows

Taiwan Web Infrastructure targeted by APT UAT-7237 with custom toolset

New NFC-Driven Android Trojan PhantomCard targets Brazilian bank customers

Cisco fixed maximum-severity security flaw in Secure Firewall Management Center

QUICK LINKS

exploit

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!